PatchSiren cyber security CVE debrief
CVE-2024-52558 Planet Technology CVE debrief
Planet Technology Planet WGS-804HPT devices are vulnerable to an integer underflow condition that can be triggered by unauthenticated attackers via malformed HTTP requests, resulting in program crash and denial of service. The vulnerability affects firmware version 1.305b210531 and has been assigned a CVSS 3.1 score of 5.3 (Medium severity). CISA published advisory ICSA-24-340-02 on December 5, 2024, identifying this issue in industrial control system environments. The attack vector is network-based with low attack complexity, requiring no privileges or user interaction. Planet Technology has released patched firmware version 1.305b241111 to address this vulnerability.
- Vendor: Planet Technology
- Product: Planet WGS-804HPT
- CVSS: MEDIUM 5.3
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2024-12-05
- Original CVE updated: 2024-12-05
- Advisory published: 2024-12-05
- Advisory updated: 2024-12-05
Who should care
Organizations operating Planet WGS-804HPT industrial Ethernet switches in manufacturing, utility, transportation, or other OT environments should prioritize this patch. Security teams responsible for industrial control system infrastructure, network administrators managing OT device fleets, and compliance officers tracking ICS-CERT advisories should assess exposure and coordinate vendor firmware updates.
Technical summary
The Planet WGS-804HPT industrial switch firmware version 1.305b210531 contains an integer underflow vulnerability in its HTTP request handling. When processing malformed HTTP requests, insufficient validation of length or size values can cause an integer to wrap below zero, leading to memory corruption and program termination. The vulnerability is remotely exploitable without authentication, so any attacker who can reach the device's HTTP service over the network can trigger it. Successful exploitation results in denial of service through device crash. The CVSS 3.1 vector AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L reflects network attack vector, low complexity, no privilege requirements, no user interaction, and low availability impact.
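The advisory does not publish the affected firmware code, so the following is an added illustration of the bug class described above, not code from the device or the vendor. It assumes a hypothetical handler that strips a trailing CRLF from a request line; the function names and the buffer size are constructed for this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define LINE_CAP 256 /* constructed destination size for this example */

/* Unsafe pattern: strips a trailing CRLF by subtracting 2 without checking
 * that the line holds at least 2 bytes. size_t is unsigned, so a 0- or
 * 1-byte line wraps to a huge value. Returned only so the wrap is visible;
 * it is never used as a copy length here. */
static size_t payload_len_unchecked(size_t line_len)
{
    return line_len - 2;
}

/* Hardened form: check the lower bound before subtracting, then check the
 * result against the destination capacity before copying. */
static int copy_payload_checked(const uint8_t *line, size_t line_len,
                                uint8_t *dst, size_t dst_cap, size_t *out_len)
{
    if (line == NULL || dst == NULL || out_len == NULL)
        return -1;
    if (line_len < 2)                 /* subtraction would underflow */
        return -1;
    if (line[line_len - 2] != '\r' || line[line_len - 1] != '\n')
        return -1;                    /* malformed terminator */
    size_t n = line_len - 2;
    if (n > dst_cap)                  /* would overrun the destination */
        return -1;
    memcpy(dst, line, n);
    *out_len = n;
    return 0;
}

int main(void)
{
    uint8_t dst[LINE_CAP];
    size_t n = 0;
    const uint8_t bad[] = { '\n' };   /* constructed malformed 1-byte line */

    printf("unchecked length for a 1-byte line: %zu\n",
           payload_len_unchecked(sizeof bad));
    printf("checked handler on the same input: %d\n",
           copy_payload_checked(bad, sizeof bad, dst, sizeof dst, &n));
    return 0;
}
```
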
Defensive priority
medium
Recommended defensive actions
- Upgrade affected Planet WGS-804HPT devices to firmware version 1.305b241111 or later as recommended by the vendor.
- Restrict network access to device management interfaces to trusted administrative hosts only.
- Monitor for unexpected device reboots or service interruptions that may indicate exploitation attempts.
- Apply network segmentation to isolate industrial control system devices from untrusted networks.
- Review and implement CISA ICS recommended practices for defense-in-depth strategies.
Evidence notes
The vulnerability description and affected product version are sourced from CISA CSAF advisory ICSA-24-340-02. CVSS scoring details are provided in the source advisory. Remediation guidance specifying firmware version 1.305b241111 is explicitly documented in the CSAF remediation section.
Official resources
- CVE-2024-52558 CVE record (CVE.org)
- CVE-2024-52558 NVD detail (NVD)
- Source item URL (cisa_csaf)
CISA disclosed this vulnerability on December 5, 2024, through ICS advisory ICSA-24-340-02. The vendor has acknowledged the issue and provided remediation guidance.