Planet Technology Network Products Hard-Coded Credentials Vulnerability Allowing Unauthenticated Database Access

A vulnerability exists in certain Planet Technology network products, including UNI-NMS-Lite, NMS-500, NMS-1000V, WGS-804HPT-V2, and WGS-4215-8T2S, all of which are affected by hard-coded credentials. These credentials could enable an unauthenticated attacker to gain administrative privileges and read, manipulate, or create entries in the managed database. Additionally, UNI-NMS-Lite, NMS-500, and NMS-1000V are vulnerable to command injection attacks that could allow an attacker to execute operating system commands on the host system.

Impact

Exploitation of this vulnerability could lead to unauthorized access and manipulation of database entries, with the potential for executing operating system commands on the host system in certain products.

Remediation

Planet Technology has released patches for all affected products. Users are advised to update to the latest versions. CISA recommends minimizing network exposure for control system devices, using firewalls to isolate control system networks from business networks, and employing secure remote access methods such as VPNs.