PatchSiren cyber security CVE debrief
CVE-2025-46274 Planet Technology CVE debrief
CVE-2025-46274 is a critical authentication flaw in Planet Technology network management products. According to the CISA CSAF advisory published on 2025-04-24, hard-coded credentials in UNI-NMS-Lite, NMS-500, and the NMS-1000 family can let an unauthenticated attacker read, manipulate, and create entries in the managed database. CISA revised the advisory on 2025-05-06 to fix typos, and the core risk remains unchanged: network-reachable access with no authentication barrier and full confidentiality, integrity, and availability impact.
- Vendor: Planet Technology
- Product: UNI-NMS-Lite
- CVSS: CRITICAL 9.8
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2025-04-24
- Original CVE updated: 2025-05-06
- Advisory published: 2025-04-24
- Advisory updated: 2025-05-06
Who should care
Organizations using Planet Technology UNI-NMS-Lite, NMS-500, or NMS-1000-series management software should treat this as urgent, especially teams operating industrial or OT-adjacent networks where these tools manage sensitive infrastructure.
Technical summary
The advisory describes hard-coded credentials exposed in Planet Technology management products, enabling unauthenticated database access. The supplied CVSS 3.1 vector is AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H, which matches a remotely exploitable issue with high impact across confidentiality, integrity, and availability. The CSAF affected product list explicitly names UNI-NMS-Lite <=1.0b211018, NMS-500 (all versions), and NMS-1000V (all versions), while the narrative description uses NMS-1000; that naming should be reconciled against vendor guidance before remediation planning.
Defensive priority
Immediate. This is a network-exploitable, unauthenticated, critical-severity issue with vendor patches reported as available. Prioritize external exposure review, patching, and verification of any management database integrity concerns.
Recommended defensive actions
- Apply the vendor patches identified in the CISA advisory for all affected Planet Technology products.
- Confirm whether any affected management interfaces are reachable from untrusted networks and restrict access to administrative segments only.
- Review managed database contents and logs for unexpected changes, especially unauthorized reads, inserts, or modifications.
- Rotate or replace any credentials associated with the affected products, including any credentials that may have been hard-coded or otherwise exposed.
- Validate the exact affected product naming and version mapping in your environment, especially the NMS-1000 versus NMS-1000V naming used in the source advisory.
- Use CISA ICS recommended practices and defense-in-depth guidance to reduce exposure around industrial or OT management systems.
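One way to run the naming and version check from the list above against an asset inventory, as an added example that is not part of the CISA advisory or any vendor tooling. The version format (major.minor, the letter b, then a numeric build that only increases), the status labels, and the sample inventory are assumptions made for illustration.

```python
import re

# Affected-product entries as stated in the advisory text on this page.
# None means "all versions"; a tuple is the highest affected version.
AFFECTED = {
    "UNI-NMS-LITE": (1, 0, 211018),  # <=1.0b211018
    "NMS-500": None,                 # all versions
    "NMS-1000V": None,               # all versions
}
# Named in the advisory narrative but absent from the affected-product list.
NAMING_MISMATCH = {"NMS-1000"}

# Assumption: versions look like "<major>.<minor>b<build>", e.g. 1.0b211018.
_VERSION = re.compile(r"^(\d+)\.(\d+)b(\d+)$")

def parse_version(text):
    """Return (major, minor, build), or None if the format is not recognised."""
    m = _VERSION.match(text.strip())
    return tuple(int(g) for g in m.groups()) if m else None

def triage(product, version):
    """Classify one inventory row as AFFECTED, REVIEW or NOT_LISTED."""
    name = product.strip().upper()
    if name in NAMING_MISMATCH:
        return "REVIEW"  # reconcile NMS-1000 vs NMS-1000V with vendor guidance
    if name not in AFFECTED:
        return "NOT_LISTED"
    ceiling = AFFECTED[name]
    if ceiling is None:
        return "AFFECTED"
    parsed = parse_version(version)
    if parsed is None:
        return "REVIEW"  # unreadable version string: do not assume it is safe
    return "AFFECTED" if parsed <= ceiling else "NOT_LISTED"

# Constructed sample inventory (hostnames and versions are made up).
INVENTORY = [
    ("nms-a", "UNI-NMS-Lite", "1.0b211018"),
    ("nms-b", "UNI-NMS-Lite", "1.0b250101"),
    ("nms-c", "NMS-500", "2.3"),
    ("nms-d", "NMS-1000", "1.1"),
    ("nms-e", "uni-nms-lite", "unknown"),
]

def report(inventory=INVENTORY):
    """Map each host to its triage status."""
    return {host: triage(product, version) for host, product, version in inventory}

if __name__ == "__main__":
    print(report())
```

NOT_LISTED only means the row falls outside the affected-product list quoted on this page; it does not confirm that a given build contains the vendor fix.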
Evidence notes
Source evidence comes from the CISA CSAF advisory ICSA-25-114-06 and the linked official references. The source states that UNI-NMS-Lite, NMS-500, and NMS-1000 use hard-coded credentials that could allow an unauthenticated attacker to read, manipulate, and create entries in the managed database. The CSAF affected-product section lists UNI-NMS-Lite <=1.0b211018, NMS-500 all versions, and NMS-1000V all versions. The advisory was initially published on 2025-04-24 and revised on 2025-05-06 for typo fixes. No KEV entry is indicated in the supplied data.
Official resources
- CVE-2025-46274 CVE record (CVE.org)
- CVE-2025-46274 NVD detail (NVD)
- Source item URL (cisa_csaf)
Public advisory published by CISA on 2025-04-24 (ICSA-25-114-06), with a revision on 2025-05-06 for typo fixes. No Known Exploited Vulnerabilities (KEV) date is provided in the supplied data.