25.8.1.6 - August 2025, Feature

Release category: Mandatory

Features

  1. eSIM support has been added to the following platforms:

    • EX15 (using the EG25-G modem module)

    • EX50 (using RM520N-GL modem module)

    • IX10 (using EG25-G modem module)

    • IX20 (using EG25-G modem module)

    • IX40 5G

    • TX40 5G

Enhancement

  1. The Factory Erase support has been updated with the following:

    • A new configuration to perform a complete factory erase with a single button push.

    • Non system files in the /opt directory will be erased.

    • Remove the APNs configured in the cellular module.

  2. A network performance monitoring feature has been added that will periodically test the network. It will send out a number of ping packets and collect minimum, maximum and average latency, jitter, and packet loss. It can also do an hourly SpeedTest over the interface to collect upload and download rates.

    The results are uploaded to Digi Remote Manager as part of the Query State data.

  3. The SSH support has been updated so that only SSH key authentication can be used in Primary Responder mode.

    • Users that use SSH passwords with Primary Responder SHOULD update their configuration to use SSH keys before updating to this firmware version.

  4. Python has been included in the IX30 build for the IX30-0EG4 variant. This means the live image is no longer required.

  5. Added support for Docomo and KDDI carriers for modem firmware selection and default APNs.

Security fixes

Package updates will include all security updates for the stated release, unless stated otherwise.

  1. The Busybox package has been patched to resolve CVE-2022-48174 [DAL-11784]

    CVE-2022-48174 CVSS Score: 9.8 Critical

  2. The Curl package has been updated to version 8.13.0

    CVE-2025-0725 CVSS Score: 7.3 High

  3. The OpenSSL package has been updated to v3.5.1 [DAL-11808]

    CVE-2024-13176 CVSS Score: 4.1 Medium

    CVE-2025-4575 CVSS Score: 6.5 Medium

  4. The StrongSwan package has been updated to v6.0.1 [DAL-10822]

  5. The NTP package has been updated to v4.2.8p18 [DAL-11270]

    CVE-2023-26551 CVSS Score: 5.6 Medium

    CVE-2023-26552 CVSS Score: 5.6 Medium

    CVE-2023-26553 CVSS Score: 5.6 Medium

    CVE-2023-26554 CVSS Score: 5.6 Medium

    CVE-2023-26555 CVSS Score: 6.4 Medium

  6. The libcurl package has been updated to v8.13.0 [DAL-11547]

    CVE-2025-0725 CVSS Score: 7.3 High

  7. The OpenSSH package has been updated to 10.0p2 [DAL-11584]

    CVE-2025-32728 CVSS Score: 3.8 Low

  8. The net-tools package has been patched to resolve a CVE. [DAL-11548]

    CVE-2025-46836 CVSS Score: 6.6 Medium

  9. The CA certificates on the device have been updated. [DAL-11668]

    • Added the CA certificate from edp12.devicecloud.com

    • Refreshed CA certificates using the 2025-05-20 Mozilla bundle

    • Certificates with sha1WithRsaEncryption signatures have been removed.

    • Remove references to unique.crt (used with AView)

  10. An issue with the DAL self-signed certificate not being renewed when it expires has been resolved. [DAL-11641]

Bug fixes

  1. An issue with the EX50 device not being able to connect to the carrier Softbank has been resolved. [DAL-10697]

  2. An issue with the TX40 Wi-Fi not working in the 25.5 release has been resolved. [DAL-11733]

  3. An issue with the TX64 5G device not being able to connect to the carrier Softbank has been resolved. [DAL-10697]

  4. An issue with the OpenVPN server not starting properly from boot up has been resolved. [DAL-11240]

  5. An issue where SureLink was attempting to test an IPsec tunnel before it had fully come up which prevented the IPsec from being fully established has been resolved. [DAL-11449]

  6. An issue with the IPsec uptime and disconnect query state statistics being incorrect has been resolved. [DAL-11752]

  7. An issue setting the baud rate to 5787 for RealPort has been resolved. [DAL-11661]

  8. An issue when using a proxy to connect to Digi Remote Manager has been resolved. [DAL-11675]

  9. An issue when changing a user password and not being verified in Primary Responder mode has been resolved. [DAL-11664]

  10. An issue with commas and single and double quotes being used in the APN usernames and passwords which were causing authentication failures has been resolved. [DAL-11594]

    • Commas should not be used in APN usernames or passwords.

    • Single quotes can be used in APN usernames and passwords.

    • Double quotes should not be used except with the Telit FN990 cellular module.

  11. An issue where scheduled scripts were not being started at boot up due to system clock changes has been resolved. [DAL-11743]

  12. An issue with cellular band selection has been resolved. [DAL-11741]

  13. An issue with mounting the shared read/write directories inside a container has been resolved. [DAL-10854]

  14. An issue with TX54 5G units (using the Telit MV31-W modem) not displaying the RSRP and RSRQ for LTE connections has been resolved. [DAL-11815]

  15. An issue with the Modbus gateway support reading a serial port not configured for Modbus has been resolved. [DAL-11366]

Deprecated

  1. The health metrics feature has been disabled by default as they have been obsoleted. Digi Remote Manager now uses the Query State data to generate metrics, which are more efficient and use less bandwidth.