CVE-2025-46275 — AI Deep Analysis Summary

🚨 **Essence**: Critical Access Control Error in PLANET Industrial Switches. <br>⚡ **Consequences**: Attackers can bypass authentication to **create admin accounts**, gaining full control over the device.…

🛡️ **Root Cause**: **CWE-306** (Missing Authentication for Critical Function). <br>❌ **Flaw**: The system fails to verify identity before allowing administrative actions, specifically account creation.

🏭 **Affected Products**: <br>1. **PLANET WGS-804HPT** (8-port Gigabit Managed Switch) <br>2. **PLANET WGS-4215-8T2S** (8+2 Port Managed Switch) <br>🏢 **Vendor**: Planet Technology (China).

💀 **Attacker Capabilities**: <br>✅ **Privileges**: Full Admin Access. <br>📂 **Data**: Complete Control. <br>🔓 **Action**: Create new administrator accounts without any credentials. This allows persistent backdoor access.

📉 **Exploitation Threshold**: **LOW**. <br>🌐 **Network**: Network Accessible (AV:N). <br>🔑 **Auth**: **None Required** (PR:N). <br>👤 **User Interaction**: None (UI:N). <br>🎯 **Complexity**: Low (AC:L).

🕵️ **Public Exploit**: **No**. <br>📄 **PoC**: Empty list in data. <br>⚠️ **Status**: Theoretical but critical. No known wild exploitation yet, but the flaw is trivial to exploit manually.

🔍 **Self-Check**: <br>1. Identify if you use **PLANET WGS-804HPT** or **WGS-4215-8T2S**. <br>2. Check for unauthorized admin users in the web interface. <br>3.…

🩹 **Official Fix**: **Unknown/Not Listed**. <br>📅 **Published**: 2025-04-24. <br>🔗 **Reference**: CISA Advisory ICSA-25-114-06. <br>⏳ **Action**: Check vendor portal immediately for a patch.

🚧 **Workaround (No Patch)**: <br>1. **Network Segmentation**: Isolate switches from untrusted networks. <br>2. **Firewall Rules**: Block external access to management ports (80/443). <br>3.…

🔥 **Urgency**: **CRITICAL (P1)**. <br>⚠️ **Reason**: CVSS 9.1 + No Auth Required + Industrial Control System (ICS) impact. <br>🚀 **Priority**: Patch immediately or isolate. Do not ignore.