CISA Warns of Critical Vulnerabilities in Planet Technology Products

CISA has issued a new security advisory highlighting critical vulnerabilities impacting several Planet Technology products, including UNI-NMS-Lite, NMS-500, NMS-1000V, WGS-804HPT-V2, and WGS-4215-8T2S. Successful exploitation could allow attackers to manipulate device data, gain administrative privileges, or alter managed databases.

Vulnerability Overview

The advisory outlines five key vulnerabilities:

CVE-2025-46271 (CVSS 9.1): UNI-NMS-Lite is vulnerable to a command injection attack that “could allow an unauthenticated attacker to read or manipulate device data.”
CVE-2025-46272 (CVSS 9.1): WGS-804HPT-V2 and WGS-4215-8T2S are vulnerable to command injection attacks enabling “an unauthenticated attacker to execute OS commands on the host system.”
CVE-2025-46273 (CVSS 9.8): UNI-NMS-Lite uses hard-coded credentials that “could allow an unauthenticated attacker to gain administrative privileges to all UNI-NMS managed devices.”
CVE-2025-46274 (CVSS 9.8): Hard-coded credentials also permit “unauthenticated attackers to read, manipulate, and create entries in the managed database.”
CVE-2025-46275 (CVSS 9.8): WGS-804HPT-V2 and WGS-4215-8T2S suffer from missing authentication for critical functions, allowing attackers “to create an administrator account without knowing any existing credentials.”

Affected Products

UNI-NMS-Lite: Versions 1.0b211018 and prior
NMS-500: All Versions
NMS-1000V: All Versions
WGS-804HPT-V2: Versions 2.305b250121 and prior
WGS-4215-8T2S: Versions 1.305b241115 and prior

Mitigations and Recommendations

Planet Technology has released patches [1,2,3,4,5] for all affected devices. CISA advises organizations to:

Minimize network exposure for control systems.
Place critical devices behind firewalls and separate them from business networks.
Use VPNs for remote access, ensuring they are fully updated.

Rate this post

Related Posts:

Leave a Reply Cancel reply