Planet Technology Network Products

Act Now9.8ICS-CERT ICSA-25-114-06Apr 24, 2025

Attack VectorNetwork

Auth RequiredNone

ComplexityLow

User InteractionNone needed

Summary

Planet Technology Network Management and switch products contain multiple vulnerabilities related to command injection (CWE-78), hardcoded credentials (CWE-798), and missing authentication (CWE-306). Successful exploitation could allow an attacker to read or manipulate device data, gain administrative privileges, or alter database entries on the management system and connected devices.\n\nAffected products:\n- UNI-NMS-Lite version 1.0b211018 and earlier\n- NMS-500 all versions\n- NMS-1000V all versions\n- WGS-804HPT-V2 version 2.305b250121 and earlier\n- WGS-4215-8T2S version 1.305b241115 and earlier

What this means

What could happen

An attacker could gain administrative access to network management devices and modify or read sensitive configuration and database data, potentially disrupting monitoring and control of plant infrastructure. This could allow unauthorized changes to device settings or loss of visibility into operations.

Who's at risk

Network managers and operators of water, utility, and industrial facilities using Planet Technology management products (UNI-NMS, NMS-500, NMS-1000V) and managed switches (WGS-804HPT-V2, WGS-4215-8T2S) are affected. These devices monitor and configure network infrastructure for operational technology systems.

How it could be exploited

An attacker with network access to these devices could exploit command injection, hardcoded credentials, or missing authentication checks to gain shell access or administrative privileges on the management system. Once inside, they could read/modify network configurations, plant data, or gain further access to connected operational devices.

Prerequisites

Network access to management device ports (HTTP/HTTPS, SSH, or administrative protocols)
No credentials required for initial exploitation of authentication or command injection flaws

Remotely exploitableNo authentication requiredLow complexity attackHigh EPSS score (15.3%)No patch availableAffects network visibility and control of OT systems

Exploitability

High exploit probability (EPSS 15.3%)

Affected products (5)

2 pending3 EOL

ProductAffected VersionsFix Status

WGS-804HPT-V2: <=2.305b250121≤ 2.305b250121No fix yet

WGS-4215-8T2S: <=1.305b241115≤ 1.305b241115No fix yet

UNI-NMS-Lite: <=1.0b211018≤ 1.0b211018No fix (EOL)

NMS-500: vers:all/*All versionsNo fix (EOL)

NMS-1000V: vers:all/*All versionsNo fix (EOL)

Remediation & Mitigation

0/4

Do now

0/1

WORKAROUNDRestrict network access to management devices by deploying firewall rules to block inbound connections from untrusted networks and the internet

Schedule — requires maintenance window

0/1

Patching may require device reboot — plan for process interruption

HOTFIXApply firmware patches to WGS-804HPT (v2), WGS-4215-8T2S, UNI-NMS, NMS-500, and NMS-1000V as released by Planet Technology

Mitigations - no patch available

0/2

The following products have reached End of Life with no planned fix: UNI-NMS-Lite: <=1.0b211018, NMS-500: vers:all/*, NMS-1000V: vers:all/*. Apply the following compensating controls:

HARDENINGIsolate network management systems and switches from business networks using network segmentation or separate VLANs

HARDENINGImplement VPN with multi-factor authentication for any required remote administrative access to these devices

CVEs (5)

CVE-2025-46271 CVE-2025-46272 CVE-2025-46273 CVE-2025-46274 CVE-2025-46275

View full CISA ICS-CERT advisory

↑↓ Navigate · Esc Close

API: /api/v1/advisories/cabe9791-5fa5-445c-994a-ef9a633fb02b