CVE-2025-9971

Certain models of Industrial Cellular Gateway developed by Planet Technology

Executive summary

A critical vulnerability has been identified in certain models of Planet Technology's Industrial Cellular Gateways. This flaw, resulting from missing authentication, allows a remote, unauthenticated attacker to gain complete control over an affected device, potentially leading to significant operational disruption, data interception, and unauthorized access to protected industrial networks.

Vulnerability

The vulnerability exists because a critical function or interface on the device does not require any form of authentication. An unauthenticated attacker on the network can send a specially crafted request to this unprotected interface to execute commands, modify the device's configuration, or otherwise manipulate its behavior. This complete lack of an authentication check allows for trivial exploitation and can lead to a full compromise of the gateway.

Business impact

This vulnerability is rated as critical severity with a CVSS score of 9.8. Successful exploitation could have a severe impact on business operations. An attacker gaining control of an industrial gateway could disrupt critical infrastructure, intercept sensitive operational or corporate data passing through the device, pivot into the broader operational technology (OT) or corporate network, or manipulate connected industrial control systems. This poses a significant risk to operational continuity, data confidentiality, system integrity, and potentially the safety of industrial processes.

Remediation

Immediate Action: Apply the security updates provided by Planet Technology to all affected Industrial Cellular Gateway models to remediate this vulnerability. After patching, review device access logs and network traffic for any signs of compromise or unauthorized manipulation that may have occurred prior to the update.

Proactive Monitoring: Implement enhanced monitoring for all affected gateways. Specifically, monitor for unusual inbound connection attempts to the device's management interfaces from untrusted IP addresses, unexpected configuration changes, unexplained reboots, or anomalous outbound traffic originating from the gateway itself.

Compensating Controls: If immediate patching is not feasible, implement the following compensating controls:

  • Use a firewall to restrict all access to the device's management interface to a limited set of trusted IP addresses on a dedicated management network.
  • Ensure the gateways are not directly exposed to the internet. If remote access is required, it should be secured behind a Virtual Private Network (VPN) with multi-factor authentication.
  • Employ network segmentation to isolate the industrial gateways from less-trusted networks.
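
The monitoring and allowlist guidance above can be checked against firewall or flow logs. The following is an added example, not code from the advisory or from Planet Technology: it flags management-port connections to a gateway from outside the trusted management network and outbound connections from a gateway to unexpected destinations. The gateway addresses, networks, management ports and the CSV log format are all assumptions constructed for illustration.

```python
import csv
import io
from ipaddress import ip_address, ip_network

# All values below are constructed placeholders; substitute your own inventory.
GATEWAYS = {ip_address("10.20.0.5"), ip_address("10.20.0.6")}
TRUSTED_MGMT_NETS = [ip_network("10.99.0.0/28")]   # dedicated management network
MGMT_PORTS = {22, 80, 443}                         # assumed; the advisory names no ports
EXPECTED_OUTBOUND = [ip_network("10.30.0.0/24")]   # destinations gateways normally reach

# Constructed flow records (one row per connection attempt).
SAMPLE_FLOWS = """\
ts,src,dst,dport,action
2025-01-01T02:10:00Z,10.99.0.4,10.20.0.5,443,allow
2025-01-01T02:11:13Z,203.0.113.77,10.20.0.5,80,allow
2025-01-01T02:11:40Z,10.20.0.5,198.51.100.9,4444,allow
2025-01-01T02:12:02Z,10.20.0.6,10.30.0.12,502,allow
2025-01-01T02:13:30Z,192.0.2.14,10.20.0.6,22,deny
2025-01-01T02:14:00Z,not-an-ip,10.20.0.6,22,allow
"""

def _in_any(addr, nets):
    return any(addr in net for net in nets)

def find_alerts(flow_csv):
    """Return (kind, ts, src, dst) tuples for records that need review."""
    alerts = []
    for row in csv.DictReader(io.StringIO(flow_csv)):
        try:
            src, dst = ip_address(row["src"]), ip_address(row["dst"])
            dport = int(row["dport"])
        except (ValueError, TypeError):
            # Malformed records are surfaced rather than silently dropped.
            alerts.append(("unparsable_record", row.get("ts"), row.get("src"), row.get("dst")))
            continue
        if dst in GATEWAYS and dport in MGMT_PORTS and not _in_any(src, TRUSTED_MGMT_NETS):
            # "allowed" means the compensating firewall rule is missing or too broad.
            kind = "untrusted_mgmt_" + ("allowed" if row["action"] == "allow" else "blocked")
            alerts.append((kind, row["ts"], str(src), str(dst)))
        elif src in GATEWAYS and not _in_any(dst, EXPECTED_OUTBOUND):
            alerts.append(("unexpected_outbound", row["ts"], str(src), str(dst)))
    return alerts

if __name__ == "__main__":
    for alert in find_alerts(SAMPLE_FLOWS):
        print(*alert, sep="  ")
```

An "untrusted_mgmt_allowed" result deserves the most attention, since it means an untrusted source reached the management interface despite the firewall restriction.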

Exploitation status

Public Exploit Available: false

Analyst recommendation

Due to the critical severity of this vulnerability and its potential for severe operational impact, it is strongly recommended that organizations prioritize the immediate patching of all affected Planet Technology Industrial Cellular Gateways. Although this CVE is not yet on the CISA KEV list, the simplicity of exploitation warrants treating it with the highest urgency. If patching cannot be performed immediately, the compensating controls outlined above must be implemented without delay to reduce the attack surface and mitigate risk.