QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2018-8836

Back to search

CVE-2018-8836

Published: Apr 3, 2018

Modified: Sep 17, 2024

PUBLISHED

Description

Wago 750 Series PLCs with firmware version 10 and prior include a remote attack may take advantage of an improper implementation of the 3 way handshake during a TCP connection affecting the communications with commission and service tools. Specially crafted packets may also be sent to Port 2455/TCP/IP, used in Codesys management software, which may result in a denial-of-service condition of communications with commissioning and service tools.

VendorProductVersions

WAGO

WAGO 750 Series

affected
750-880 firmware version 10 and prior
affected
750-881 firmware version 10 and prior
affected
750-852 firmware version 10 and prior
affected
750-882 firmware version 10 and prior
affected
750-885 firmware version 10 and prior

+3 more versions

Weaknesses (CWE)

CWE-404

References

103726
vdb-entry
x_refsource_BID

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now