Recent findings have unveiled critical security vulnerabilities in MICROSENS’s NMP Web+, a network management platform widely utilized in industrial and enterprise environments. These flaws could allow unauthenticated attackers to gain full system access, overwrite files, and execute arbitrary code, posing significant risks to affected organizations.
Overview of MICROSENS NMP Web+
MICROSENS, a Germany-based company, offers a range of connectivity and automation solutions, including switches, converters, building controllers, and transceivers. Their NMP Web+ product is designed to enable users to control, monitor, and configure industrial switches and other network equipment. This platform is integral to managing network infrastructures in various industrial sectors.
Identified Vulnerabilities
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an advisory detailing three significant vulnerabilities in NMP Web+ versions 3.2.5 and earlier:
1. Use of Hard-coded, Security-relevant Constants (CVE-2025-49151): This critical vulnerability allows unauthenticated attackers to generate forged JSON Web Tokens (JWTs), effectively bypassing authentication mechanisms. The flaw arises from the use of hard-coded security constants in the authentication process, enabling attackers to create valid tokens without legitimate credentials. This vulnerability has been assigned a CVSS v3 base score of 9.1. ([cisa.gov](https://www.cisa.gov/news-events/ics-advisories/icsa-25-175-07?utm_source=openai))
2. Insufficient Session Expiration (CVE-2025-49152): This high-severity issue involves JWTs that do not expire, allowing attackers who obtain a token through interception or other means to maintain persistent access to the system indefinitely. The lack of session expiration undermines session management controls and poses a significant security risk. This vulnerability has a CVSS v3 base score of 7.5. ([cisa.gov](https://www.cisa.gov/news-events/ics-advisories/icsa-25-175-07?utm_source=openai))
3. Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’) (CVE-2025-49153): This critical vulnerability enables unauthenticated attackers to overwrite files and execute arbitrary code on affected systems. By manipulating file paths, attackers can access restricted directories and system resources, potentially leading to full system compromise. This vulnerability has been assigned a CVSS v3 base score of 9.8. ([cisa.gov](https://www.cisa.gov/news-events/ics-advisories/icsa-25-175-07?utm_source=openai))
Potential Impact
Exploitation of these vulnerabilities could have severe consequences, including:
– Unauthorized System Access: Attackers could gain full control over the NMP Web+ system without needing valid credentials.
– Data Manipulation and Theft: With system access, attackers could alter or steal sensitive data, compromising the integrity and confidentiality of the information.
– Operational Disruption: Execution of arbitrary code could disrupt network operations, leading to downtime and potential financial losses.
Discovery and Reporting
These vulnerabilities were identified by Tomer Goldschmidt and Noam Moshe of Claroty’s Team82. The German Federal Office for Information Security (BSI) CERT-Bund assisted in coordinating the disclosure with MICROSENS. ([cisa.gov](https://www.cisa.gov/news-events/ics-advisories/icsa-25-175-07?utm_source=openai))
Mitigation Measures
MICROSENS has addressed these vulnerabilities in NMP Web+ Version 3.3.0. Users are strongly advised to upgrade to this latest version to mitigate the identified risks. Additionally, organizations should:
– Restrict Network Access: Ensure that NMP Web+ is not accessible from the internet and is only reachable from trusted networks.
– Implement Strong Authentication Mechanisms: Utilize robust authentication methods to enhance security.
– Monitor System Activity: Regularly review system logs and monitor for any unauthorized access attempts.
– Conduct Security Audits: Perform periodic security assessments to identify and address potential vulnerabilities.
Conclusion
The discovery of these critical vulnerabilities in MICROSENS NMP Web+ underscores the importance of proactive cybersecurity measures. Organizations utilizing this platform should promptly apply the necessary updates and implement recommended security practices to safeguard their systems against potential exploitation.
