WAGO 750 Series Improper Resource Shutdown or Release (CVE-2018-8836)

medium Tenable OT Security Plugin ID 500926


The remote OT asset is affected by a vulnerability.


Wago 750 Series PLCs with firmware version 10 and prior include a remote attack may take advantage of an improper implementation of the 3 way handshake during a TCP connection affecting the communications with commission and service tools. Specially crafted packets may also be sent to Port 2455/TCP/IP, used in Codesys management software, which may result in a denial-of-service condition of communications with commissioning and service tools.

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.


The following text was originally created by the Cybersecurity and Infrastructure Security Agency (CISA). The original can be found at CISA.gov.

WAGO has released new firmware addressing this vulnerability that can be obtained by contacting WAGO support via email at [email protected].

If updating the firmware is not feasible WAGO recommends that users disable the WAGO Service Communication via WBM or limit the access to Ports 6626 and 2455/TCP/IP to trusted devices.

For more information see WAGO’s security advisory:Vulnerability-in-the-WAGO-Ethernet-TCP-IP-driver.pdf

See Also




Plugin Details

Severity: Medium

ID: 500926

Version: 1.4

Type: remote

Family: Tenable.ot

Published: 3/29/2023

Updated: 3/4/2024

Supported Sensors: Tenable OT Security

Risk Information


Risk Factor: Low

Score: 1.4


Risk Factor: Medium

Base Score: 5

Temporal Score: 3.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS Score Source: CVE-2018-8836


Risk Factor: Medium

Base Score: 5.3

Temporal Score: 4.6

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:wago:750-829_firmware, cpe:/o:wago:750-831_firmware, cpe:/o:wago:750-852_firmware, cpe:/o:wago:750-880_firmware, cpe:/o:wago:750-881_firmware, cpe:/o:wago:750-882_firmware, cpe:/o:wago:750-885_firmware, cpe:/o:wago:750-889_firmware

Required KB Items: Tenable.ot/Wago

Exploit Ease: No known exploits are available

Patch Publication Date: 4/3/2018

Vulnerability Publication Date: 4/3/2018

Reference Information

CVE: CVE-2018-8836

CWE: 404