Advisory

Multiple critical flaws in Planet Technology WGS-804HPT industrial switch

Take action: If you are using a Planet WGS-804HPT switch, make sure it's on an isolated network, not connected to the internet or untrusted networks. Then plan to patch it. The attacks are dangerous, but with isolation you have time to prepare for a patch.


Learn More

Planet Technology is reporting multiple critical vulnerabilities in its WGS-804HPT industrial switch, potentially allowing remote code execution.

  • CVE-2024-48871 (CVSS score 9.8) - Stack-based Buffer Overflow. Allows unauthenticated attackers to achieve remote code execution via malicious HTTP requests
    • Type: Stack buffer overflow due to improper input size validation
  • CVE-2024-52320 (CVSS score 9.8) - OS Command Injection. Enables unauthenticated attackers to execute arbitrary commands through malicious HTTP requests
  • CVE-2024-52558 (CVSS score 6.9) - Integer Underflow. Allows unauthenticated attackers to crash the system through malformed HTTP requests

The flaws affect version v1.305b210531 of the device, which is deployed worldwide in critical manufacturing infrastructure.

The vulnerabilities were discovered by Tomer Goldschmidt from Claroty Research - Team82 and reported to CISA. Planet Technology has released version 1.305b241111 to address these issues and recommends all users upgrade immediately.

No known public exploitation has been reported to CISA as of December 5, 2024.
