Planet Technology Planet WGS-804HPT

Act Now9.8ICS-CERT ICSA-24-340-02Dec 5, 2024

Attack VectorNetwork

Auth RequiredNone

ComplexityLow

User InteractionNone needed

Summary

Planet WGS-804HPT managed switches contain multiple vulnerabilities that allow remote code execution without authentication. The vulnerabilities include buffer overflow (CWE-121), command injection (CWE-78), and integer underflow (CWE-191) in the device firmware. Successful exploitation permits an attacker to execute arbitrary commands with device-level privileges, potentially allowing modification of switch configuration, VLAN settings, spanning tree topology, or traffic filtering rules.

What this means

What could happen

An attacker could gain remote code execution on the WGS-804HPT managed switch, allowing them to reconfigure network settings, modify traffic routing, or disrupt communication between critical control system devices on your network.

Who's at risk

Water utilities and electrical systems operators should prioritize this because the WGS-804HPT is a managed industrial Ethernet switch commonly used in ICS/OT networks to connect PLCs, RTUs, and field devices. A compromised switch can disrupt communication critical to plant operations, alter sensor readings routed through it, or isolate critical devices from supervisory control.

How it could be exploited

An attacker with network access to the switch (port 80/443 or other management interface) can send a specially crafted request to exploit a buffer overflow (CWE-121) or command injection (CWE-78) vulnerability, gaining the ability to execute arbitrary code with device privileges.

Prerequisites

Network access to the WGS-804HPT management interface (HTTP/HTTPS or other management ports)
No credentials required for exploitation
Device running firmware version v1.305b210531

remotely exploitableno authentication requiredlow complexitycritical CVSS score (9.8)affects network infrastructure supporting safety and control systems

Exploitability

Moderate exploit probability (EPSS 2.2%)

Affected products (1)

ProductAffected VersionsFix Status

Planet WGS-804HPT: v1.305b210531v1.305b2105311.305b241111

Remediation & Mitigation

0/4

Do now

0/2

WORKAROUNDRestrict network access to the WGS-804HPT management interface using firewall rules or access control lists; only allow connection from trusted engineering workstations and management subnets

HARDENINGIsolate the switch behind a firewall; do not expose management interfaces directly to business networks or the internet

Schedule — requires maintenance window

0/2

Patching may require device reboot — plan for process interruption

HOTFIXUpgrade WGS-804HPT firmware to version 1.305b241111 or later

HARDENINGIf remote access to the device is necessary, require VPN connection through a secure tunnel before allowing access to management interfaces

CVEs (3)

CVE-2024-48871 CVE-2024-52320 CVE-2024-52558

View full CISA ICS-CERT advisory

↑↓ Navigate · Esc Close

API: /api/v1/advisories/19973774-173a-4054-9bbf-6f2146a6ab90