Industrial switches and network management products made by Taiwan-based Planet Technology are affected by several critical vulnerabilities.
The existence of the flaws came to light last week when CISA published an advisory describing five vulnerabilities discovered in Planet Technology’s UNI-NMS-Lite, NMS-500 and NMS-1000V network management systems, and WGS-804HPT-V2 and WGS-4215-8T2S switches.
The security holes have all been assigned a ‘critical’ severity rating. Remote, unauthenticated attackers can exploit them to gain admin privileges on the affected product through hardcoded credentials, to create an admin account because authentication is missing, and to perform command injection that executes OS commands or reads or manipulates device data.
CISA pointed out that the impacted devices are used worldwide, including in the critical manufacturing sector.
Kevin Breen, senior director of cyber threat research at Immersive, who has been credited with reporting the vulnerabilities, disclosed technical details the day after CISA published its advisory.
The researcher has shared information on how the vulnerabilities were found and how they could be exploited by threat actors.
According to Breen, Censys searches show hundreds and possibly thousands of potentially vulnerable Planet Technology devices that are exposed to the internet.
The researcher discovered the vulnerabilities during the analysis of a couple of Planet Technology device flaws reported last year by industrial cybersecurity firm Claroty.
Planet Technology has patched the vulnerabilities found by Breen — the vendor was notified on March 6 through CISA and fixes were rolled out on April 16.
CISA said it’s not aware of any in-the-wild exploitation of these vulnerabilities.