CVE-2025-9971: CWE-306 Missing Authentication for Critical Function in Planet Technology ICG-2510WG-LTE (EU/US)
Certain models of Industrial Cellular Gateway developed by Planet Technology have a Missing Authentication vulnerability, allowing unauthenticated remote attackers to manipulate the device via a specific functionality.
AI Analysis
Technical Summary
CVE-2025-9971 is a critical vulnerability in certain models of the Industrial Cellular Gateway ICG-2510WG-LTE developed by Planet Technology, specifically the versions deployed in the EU and US markets. It is classified under CWE-306, Missing Authentication for Critical Function: the device exposes a functionality that can be accessed and manipulated remotely without any authentication. Unauthenticated remote attackers can therefore perform unauthorized actions on the device, potentially manipulating its configuration or operational state. Given the device's role as an industrial cellular gateway, it is likely used to provide cellular connectivity and routing for industrial control systems, IoT deployments, or critical infrastructure communications. The CVSS 4.0 base score of 9.3 (critical severity) reflects the high impact and ease of exploitation: the attack vector is network-based (AV:N), and exploitation requires no privileges (PR:N), no user interaction (UI:N), and has no attack requirements (AT:N). Confidentiality, integrity, and availability of the vulnerable system are all rated high (VC:H, VI:H, VA:H), indicating that an attacker could fully compromise the device's data and operational integrity. No patches or mitigations are currently listed, and no known exploits in the wild have been reported yet. However, the absence of authentication on a critical function makes this a high-risk issue that could be exploited to disrupt industrial communications or pivot into broader network environments.
Potential Impact
For European organizations, the impact of CVE-2025-9971 could be severe, especially for sectors relying on industrial cellular gateways for critical infrastructure, manufacturing automation, or IoT connectivity. Compromise of these gateways could lead to unauthorized control over network traffic, interception or manipulation of sensitive data, disruption of industrial processes, and potential cascading failures in operational technology environments. This could affect utilities, manufacturing plants, transportation systems, and smart city deployments that rely on Planet Technology’s ICG-2510WG-LTE devices. The lack of authentication means attackers could remotely exploit the vulnerability without needing prior access, increasing the risk of widespread attacks. Additionally, given the device’s role in bridging cellular networks with internal networks, attackers could use this vulnerability as a foothold to move laterally into enterprise or critical infrastructure networks, potentially leading to data breaches, operational downtime, or safety hazards. The absence of known exploits currently provides a window for proactive mitigation, but the critical CVSS score underscores the urgency for European organizations to address this threat promptly.
Mitigation Recommendations
1. Immediate network segmentation: Isolate the affected Planet Technology ICG-2510WG-LTE devices from critical internal networks and limit their exposure to untrusted networks, especially the internet.
2. Access control enforcement: Implement strict firewall rules to restrict inbound and outbound traffic to and from the gateways, allowing only trusted management IPs and protocols.
3. Monitoring and anomaly detection: Deploy network monitoring tools to detect unusual traffic patterns or unauthorized access attempts targeting these devices.
4. Vendor engagement: Engage with Planet Technology to obtain patches or firmware updates addressing the vulnerability as soon as they become available.
5. Temporary compensating controls: If patching is not immediately possible, disable or restrict the vulnerable functionality if configurable, or replace affected devices with alternative secure models.
6. Incident response readiness: Prepare incident response plans specific to potential exploitation scenarios involving these gateways, including forensic readiness and containment strategies.
7. Inventory and asset management: Maintain an accurate inventory of all deployed ICG-2510WG-LTE devices to ensure no affected units are overlooked during mitigation efforts.
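The sketch below is an added example, not part of the original advisory or any Planet Technology tooling. It combines recommendations 2, 3 and 7 by checking flow records against a gateway inventory and a management allow-list; the addresses, the log format and every name in it are constructed assumptions.

```python
import ipaddress

# Constructed inventory of ICG-2510WG-LTE gateways (recommendation 7).
GATEWAYS = {"10.20.0.5": "plant-a-gw", "10.20.1.5": "plant-b-gw"}
# Assumed trusted management sources (recommendation 2).
TRUSTED_MGMT = [ipaddress.ip_network("10.99.0.0/28")]

# Constructed flow records: "timestamp src dst dport action".
SAMPLE_FLOWS = """\
2025-09-17T07:00:01Z 10.99.0.4 10.20.0.5 443 ALLOW
2025-09-17T07:02:13Z 203.0.113.50 10.20.0.5 80 ALLOW
2025-09-17T07:02:40Z 10.30.4.17 10.20.1.5 443 DENY
2025-09-17T07:03:02Z 10.30.4.17 10.40.0.9 443 ALLOW
malformed line
"""

def is_trusted(src):
    """True when src falls inside one of the management allow-list networks."""
    addr = ipaddress.ip_address(src)
    return any(addr in net for net in TRUSTED_MGMT)

def audit_flows(text):
    """Flag flows to inventoried gateways that come from untrusted sources."""
    findings = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 5:
            continue  # skip malformed records instead of failing the audit
        ts, src, dst, dport, action = parts
        if dst not in GATEWAYS:
            continue  # not one of the affected devices
        try:
            if is_trusted(src):
                continue
        except ValueError:
            continue  # unparsable source address
        # ALLOW means the firewall let it through (segmentation gap);
        # DENY is a blocked attempt that is still worth an alert.
        severity = "critical" if action == "ALLOW" else "warning"
        findings.append({"time": ts, "gateway": GATEWAYS[dst], "src": src,
                         "dport": int(dport), "severity": severity})
    return findings

def exposed_gateways(findings):
    """Gateways that actually received traffic from an untrusted source."""
    return sorted({f["gateway"] for f in findings if f["severity"] == "critical"})

if __name__ == "__main__":
    for finding in audit_flows(SAMPLE_FLOWS):
        print(finding)
```

A "critical" finding means the allow-list is not being enforced for that gateway and the firewall rules need fixing; a "warning" shows the control working while someone is probing the device.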
Affected Countries
Germany, France, Italy, Spain, Netherlands, Belgium, Poland, Sweden, Finland, United Kingdom
Technical Details
- Data Version: 5.1
- Assigner Short Name: twcert
- Date Reserved: 2025-09-04T07:06:15.780Z
- Cvss Version: 4.0
- State: PUBLISHED
Threat ID: 68ca5b313fcd6e1bf2513c2c
Added to database: 9/17/2025, 6:54:41 AM
Last enriched: 9/17/2025, 6:55:00 AM
Last updated: 9/17/2025, 9:31:54 AM