WAGO 750 Series Improper Resource Shutdown or Release (CVE-2018-8836)

medium Tenable OT Security Plugin ID 500926

Synopsis

The remote OT asset is affected by a vulnerability.

Description

Wago 750 Series PLCs with firmware version 10 and prior include a remote attack may take advantage of an improper implementation of the 3 way handshake during a TCP connection affecting the communications with commission and service tools. Specially crafted packets may also be sent to Port 2455/TCP/IP, used in Codesys management software, which may result in a denial-of-service condition of communications with commissioning and service tools.

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.

Solution

The following text was originally created by the Cybersecurity and Infrastructure Security Agency (CISA). The original can be found at CISA.gov.

WAGO has released new firmware addressing this vulnerability that can be obtained by contacting WAGO support via email at [email protected].

If updating the firmware is not feasible WAGO recommends that users disable the WAGO Service Communication via WBM or limit the access to Ports 6626 and 2455/TCP/IP to trusted devices.

For more information see WAGO’s security advisory:Vulnerability-in-the-WAGO-Ethernet-TCP-IP-driver.pdf

See Also

https://ics-cert.us-cert.gov/advisories/ICSA-18-088-01

http://www.securityfocus.com/bid/103726

http://www.nessus.org/u?176ef0d0

Plugin Details

Severity: Medium

ID: 500926

Version: 1.8

Type: remote

Family: Tenable.ot

Published: 3/29/2023

Updated: 11/25/2024

Supported Sensors: Tenable OT Security

Risk Information

VPR

Risk Factor: Low

Score: 1.4

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 3.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS Score Source: CVE-2018-8836

CVSS v3

Risk Factor: Medium

Base Score: 5.3

Temporal Score: 4.6

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:wago:750-829_firmware, cpe:/o:wago:750-852_firmware, cpe:/o:wago:750-880_firmware, cpe:/o:wago:750-831_firmware, cpe:/o:wago:750-889_firmware, cpe:/o:wago:750-885_firmware, cpe:/o:wago:750-882_firmware, cpe:/o:wago:750-881_firmware

Required KB Items: Tenable.ot/Wago

Exploit Ease: No known exploits are available

Patch Publication Date: 4/3/2018

Vulnerability Publication Date: 4/3/2018

Reference Information

CVE: CVE-2018-8836

CWE: 404

ICSA: 18-088-01