Design/Logic Flaw

2018-04-0313:29:00

PRIOn knowledge base

www.prio-n.com

5.2 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

69.2%

JSON

Wago 750 Series PLCs with firmware version 10 and prior include a remote attack may take advantage of an improper implementation of the 3 way handshake during a TCP connection affecting the communications with commission and service tools. Specially crafted packets may also be sent to Port 2455/TCP/IP, used in Codesys management software, which may result in a denial-of-service condition of communications with commissioning and service tools.

CPENameOperatorVersion
750-829_firmwarele10
750-831_firmwarele10
750-852_firmwarele10
750-880_firmwarele10
750-881_firmwarele10
750-882_firmwarele10
750-885_firmwarele10
750-889_firmwarele10

Name	Operator	Version
750-829_firmware	le	10
750-831_firmware	le	10
750-852_firmware	le	10
750-880_firmware	le	10
750-881_firmware	le	10
750-882_firmware	le	10
750-885_firmware	le	10
750-889_firmware	le	10

References

www.securityfocus.com/bid/103726

ics-cert.us-cert.gov/advisories/ICSA-18-088-01

www.wago.com/medias/Vulnerability-in-the-WAGO-Ethernet-TCP-IP-driver.pdf?context=bWFzdGVyfHJvb3R8MjgxNDk0fGFwcGxpY2F0aW9uL3BkZnxoOTcvaDhkLzkxNTAyMjMyMjA3NjYucGRmfGRlNWQ4ODc0NTE5M2UyNTUwNTIyNDRlOWFkNWI2YjNkMzg0YTVhYzlmYTBjNzM4MDdmNmYzOTM5M2ZlMGEzNzE