![[The AI Show Episode 143]: ChatGPT Revenue Surge, New AGI Timelines, Amazon’s AI Agent, Claude for Education, Model Context Protocol & LLMs Pass the Turing Test](https://www.marketingaiinstitute.com/hubfs/ep%20143%20cover.png)
![[DEALS] Koofr Cloud Storage: Lifetime Subscription (1TB) (80% off) & Other Deals Up To 98% Off – Offers End Soon!](https://www.javacodegeeks.com/wp-content/uploads/2012/12/jcg-logo.jpg){kind=logo}
_Muhammad_R._Fakhrurrozi_Alamy.jpg?width=1280&auto=webp&quality=80&disable=upscale#)
_NicoElNino_Alamy.jpg?width=1280&auto=webp&quality=80&disable=upscale#)
![M4 MacBook Air Drops to Just $849 - Act Fast! [Lowest Price Ever]](https://www.iclarified.com/images/news/97140/97140/97140-640.jpg)
![Apple Smart Glasses Not Close to Being Ready as Meta Targets 2025 [Gurman]](https://www.iclarified.com/images/news/97139/97139/97139-640.jpg)
![iPadOS 19 May Introduce Menu Bar, iOS 19 to Support External Displays [Rumor]](https://www.iclarified.com/images/news/97137/97137/97137-640.jpg)
CISA Warns Planet Technology Network Products Let Attackers Manipulate Devices
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical advisory warning of multiple high-severity vulnerabilities in Planet Technology network products that could allow attackers to gain administrative control over affected devices without authentication. The advisory details five vulnerabilities with CVSS scores as high as 9.8, indicating critical security risks to industrial control systems […] The post CISA Warns Planet Technology Network Products Let Attackers Manipulate Devices appeared first on Cyber Security News.
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical advisory warning of multiple high-severity vulnerabilities in Planet Technology network products that could allow attackers to gain administrative control over affected devices without authentication.
The advisory details five vulnerabilities with CVSS scores as high as 9.8, indicating critical security risks to industrial control systems worldwide.
Significant ICS Vulnerabilities Discovered
The most severe vulnerability (CVE-2025-46274) involves hard-coded credentials in the UNI-NMS-Lite management system that could allow an unauthenticated attacker to read, manipulate, and create entries in the managed database.
With a CVSS v3 score of 9.8, this vulnerability poses an immediate threat to affected organizations.
“The NMS uses hard-coded credentials for the underlying Mongo database. Additionally, the Mongo service isn’t restricted to the local host, meaning an attacker with network access can gain full control over the NMS software and any connected managed devices,” explained researchers in their disclosure.
Another critical vulnerability (CVE-2025-46271) involves a pre-auth command injection vulnerability that allows attackers with network access to gain full control over the network management system and any connected managed devices.
Similarly, CVE-2025-46272 affects the industrial switches, enabling attackers to execute arbitrary OS commands as root on the underlying operating system.
CVE-2025-46273 is a critical security flaw (CVSS v3: 9.8) in Planet Technology’s UNI-NMS-Lite network management software, classified under CWE-798: Use of Hard-Coded Credentials.
This vulnerability allows unauthenticated attackers to gain administrative control over all devices managed by the NMS.
Additionally, CVE-2025-46275, which presents an authentication bypass vulnerability in the industrial switches, allows attackers to modify device configurations and create new administrative accounts without requiring existing credentials.
“Successful exploitation of these vulnerabilities could allow an attacker to read or manipulate device data, gain administrative privileges, or alter database entries,” CISA warned in its advisory.
Security researcher Kev Breen of Immersive Labs discovered the vulnerabilities, which affect Planet Technology’s network management systems and industrial switches.
CVEs Affected Products Impact Exploit Prerequisites CVSS 3.1 Score CVE-2025-46271 UNI-NMS-Lite Execute OS commands, read/manipulate device data Remote network access 9.1 (Critical) CVE-2025-46272 WGS-804HPT-V2, WGS-4215-8T2S Root-level OS command execution on host system Remote network access 9.1 (Critical) CVE-2025-46273 UNI-NMS-Lite, NMS-500, NMS-1000V Gain administrative privileges on all managed devices Network access to MongoDB service 9.8(Critical) CVE-2025-46274 UNI-NMS-Lite, NMS-500, NMS-1000V Read/manipulate/create database entries Network access to MongoDB service 9.8(Critical) CVE-2025-46275 WGS-804HPT-V2, WGS-4215-8T2S Create admin accounts without authentication Access to device management interface 9.8(Critical)
Affected Products
According to the CISA advisory, the affected products include UNI-NMS-Lite (versions 1.0b211018 and prior), NMS-500 (all versions), NMS-1000V (all versions), WGS-804HPT-V2 (versions 2.305b250121 and prior), and WGS-4215-8T2S (versions 1.305b241115 and prior).
Planet Technology has released patches for all affected devices. CISA recommends that organizations take immediate defensive measures, including:
- Minimizing network exposure for control system devices, ensuring they’re not accessible from the internet.
- Placing control system networks and remote devices behind firewalls and isolating them from business networks.
- Using secure methods like VPNs when remote access is required, while remembering VPNs are only as secure as connected devices.
CISA emphasized that while there are no reports of active exploitation targeting these vulnerabilities, organizations should implement recommended cybersecurity strategies for proactive defense of industrial control system assets.
Are you from the SOC and DFIR Teams? – Analyse Malware Incidents & get live Access with ANY.RUN -> Start Now for Free.
The post CISA Warns Planet Technology Network Products Let Attackers Manipulate Devices appeared first on Cyber Security News.
 CISO’s Core Focus.webp?#)
