Sign-up

ID

VAR-201804-1569


CVE

CVE-2018-8836


TITLE

Wago 750 series PLC Firmware improper resource shutdown and release vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2018-004285

DESCRIPTION

Wago 750 Series PLCs with firmware version 10 and prior include a remote attack may take advantage of an improper implementation of the 3 way handshake during a TCP connection affecting the communications with commission and service tools. Specially crafted packets may also be sent to Port 2455/TCP/IP, used in Codesys management software, which may result in a denial-of-service condition of communications with commissioning and service tools. Wago 750 series PLC Vulnerabilities exist in the firmware of improper shutdown and release of resources.Service operation interruption (DoS) There is a possibility of being put into a state. 750-880, 750-881, 750-852, etc. are all WAGO750 series Ethernet switches. The WAGO750 series has a denial of service vulnerability that can be exploited to cause a denial of service state to communicate with debug and service tools. Multiple WAGO Products are prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause denial-of-service condition. WAGO 750 Series PLCs, etc. are editable logic controller products of Germany WAGO Company. There is a security vulnerability in WAGO 750 Series PLCs using firmware version 10 and earlier. The vulnerability is caused by the program not implementing the three-way handshake correctly

Trust: 2.7

sources: NVD: CVE-2018-8836 // JVNDB: JVNDB-2018-004285 // CNVD: CNVD-2018-07035 // BID: 103726 // IVD: e2ea7d81-39ab-11e9-933f-000c29342cb1 // VULHUB: VHN-138868

IOT TAXONOMY

category:['ICS', 'Network device']sub_category: -

Trust: 0.6

category:['ICS']sub_category: -

Trust: 0.2

sources: IVD: e2ea7d81-39ab-11e9-933f-000c29342cb1 // CNVD: CNVD-2018-07035

AFFECTED PRODUCTS

vendor:wagomodel:750-829scope:lteversion:10

Trust: 1.8

vendor:wagomodel:750-831scope:lteversion:10

Trust: 1.8

vendor:wagomodel:750-852scope:lteversion:10

Trust: 1.8

vendor:wagomodel:750-880scope:lteversion:10

Trust: 1.8

vendor:wagomodel:750-881scope:lteversion:10

Trust: 1.8

vendor:wagomodel:750-882scope:lteversion:10

Trust: 1.8

vendor:wagomodel:750-885scope:lteversion:10

Trust: 1.8

vendor:wagomodel:750-889scope:lteversion:10

Trust: 1.8

vendor:wagomodel: - scope:eqversion:750-889<=10

Trust: 0.6

vendor:wagomodel: - scope:eqversion:750-829<=10

Trust: 0.6

vendor:wagomodel: - scope:eqversion:750-880<=10

Trust: 0.6

vendor:wagomodel: - scope:eqversion:750-881<=10

Trust: 0.6

vendor:wagomodel: - scope:eqversion:750-852<=10

Trust: 0.6

vendor:wagomodel: - scope:eqversion:750-882<=10

Trust: 0.6

vendor:wagomodel: - scope:eqversion:750-885<=10

Trust: 0.6

vendor:wagomodel: - scope:eqversion:750-831<=10

Trust: 0.6

vendor:wagomodel:750-852scope:eqversion:10

Trust: 0.6

vendor:wagomodel:750-881scope:eqversion:10

Trust: 0.6

vendor:wagomodel:750-829scope:eqversion:10

Trust: 0.6

vendor:wagomodel:750-885scope:eqversion:10

Trust: 0.6

vendor:wagomodel:750-880scope:eqversion:10

Trust: 0.6

vendor:wagomodel:750-889scope:eqversion:10

Trust: 0.6

vendor:wagomodel:750-882scope:eqversion:10

Trust: 0.6

vendor:wagomodel:750-831scope:eqversion:10

Trust: 0.6

vendor:wagomodel:wagoscope:eqversion:750-88910

Trust: 0.3

vendor:wagomodel:wagoscope:eqversion:750-88510

Trust: 0.3

vendor:wagomodel:wagoscope:eqversion:750-88210

Trust: 0.3

vendor:wagomodel:wagoscope:eqversion:750-88110

Trust: 0.3

vendor:wagomodel:wagoscope:eqversion:750-88010

Trust: 0.3

vendor:wagomodel:wagoscope:eqversion:750-85210

Trust: 0.3

vendor:wagomodel:wagoscope:eqversion:750-83110

Trust: 0.3

vendor:wagomodel:wagoscope:eqversion:750-82910

Trust: 0.3

vendor:wagomodel:wagoscope:neversion:750-88911

Trust: 0.3

vendor:wagomodel:wagoscope:neversion:750-88511

Trust: 0.3

vendor:wagomodel:wagoscope:neversion:750-88211

Trust: 0.3

vendor:wagomodel:wagoscope:neversion:750-88111

Trust: 0.3

vendor:wagomodel:wagoscope:neversion:750-88011

Trust: 0.3

vendor:wagomodel:wagoscope:neversion:750-85211

Trust: 0.3

vendor:wagomodel:wagoscope:neversion:750-83111

Trust: 0.3

vendor:wagomodel:wagoscope:neversion:750-82911

Trust: 0.3

vendor:750 880model: - scope:eqversion:*

Trust: 0.2

vendor:750 881model: - scope:eqversion:*

Trust: 0.2

vendor:750 852model: - scope:eqversion:*

Trust: 0.2

vendor:750 882model: - scope:eqversion:*

Trust: 0.2

vendor:750 885model: - scope:eqversion:*

Trust: 0.2

vendor:750 831model: - scope:eqversion:*

Trust: 0.2

vendor:750 889model: - scope:eqversion:*

Trust: 0.2

vendor:750 829model: - scope:eqversion:*

Trust: 0.2

sources: IVD: e2ea7d81-39ab-11e9-933f-000c29342cb1 // CNVD: CNVD-2018-07035 // BID: 103726 // JVNDB: JVNDB-2018-004285 // CNNVD: CNNVD-201804-135 // NVD: CVE-2018-8836

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2018-8836
value: MEDIUM

Trust: 1.0

NVD: CVE-2018-8836
value: MEDIUM

Trust: 0.8

CNVD: CNVD-2018-07035
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-201804-135
value: MEDIUM

Trust: 0.6

IVD: e2ea7d81-39ab-11e9-933f-000c29342cb1
value: MEDIUM

Trust: 0.2

VULHUB: VHN-138868
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2018-8836
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2018-07035
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

IVD: e2ea7d81-39ab-11e9-933f-000c29342cb1
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

VULHUB: VHN-138868
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2018-8836
baseSeverity: MEDIUM
baseScore: 5.3
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: LOW
exploitabilityScore: 3.9
impactScore: 1.4
version: 3.0

Trust: 1.8

sources: IVD: e2ea7d81-39ab-11e9-933f-000c29342cb1 // CNVD: CNVD-2018-07035 // VULHUB: VHN-138868 // JVNDB: JVNDB-2018-004285 // CNNVD: CNNVD-201804-135 // NVD: CVE-2018-8836

PROBLEMTYPE DATA

problemtype:CWE-404

Trust: 1.9

sources: VULHUB: VHN-138868 // JVNDB: JVNDB-2018-004285 // NVD: CVE-2018-8836

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201804-135

TYPE

lack of information

Trust: 0.6

sources: CNNVD: CNNVD-201804-135

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2018-004285

PATCH
title:トップページurl:http://global.wago.com/jp/
Trust: 0.8
title:WAGO750 Series Denial of Service Vulnerability Patchurl:https://www.cnvd.org.cn/patchInfo/show/124849
Trust: 0.6
title:WAGO 750 Series PLCs Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=82987
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2018-07035 // 
            
            
            
            JVNDB: JVNDB-2018-004285 // 
            
            
            
            CNNVD: CNNVD-201804-135

EXTERNAL IDS
db:NVDid:CVE-2018-8836
Trust: 3.6
db:ICS CERTid:ICSA-18-088-01
Trust: 3.4
db:BIDid:103726
Trust: 2.0
db:CNNVDid:CNNVD-201804-135
Trust: 0.9
db:CNVDid:CNVD-2018-07035
Trust: 0.8
db:JVNDBid:JVNDB-2018-004285
Trust: 0.8
db:IVDid:E2EA7D81-39AB-11E9-933F-000C29342CB1
Trust: 0.2
db:VULHUBid:VHN-138868
Trust: 0.1
sources:
            
            
            IVD: e2ea7d81-39ab-11e9-933f-000c29342cb1 // 
            
            
            
            CNVD: CNVD-2018-07035 // 
            
            
            
            VULHUB: VHN-138868 // 
            
            
            
            BID: 103726 // 
            
            
            
            JVNDB: JVNDB-2018-004285 // 
            
            
            
            CNNVD: CNNVD-201804-135 // 
            
            
            
            NVD: CVE-2018-8836

REFERENCES
url:https://ics-cert.us-cert.gov/advisories/icsa-18-088-01
Trust: 3.4
url:http://www.securityfocus.com/bid/103726
Trust: 1.7
url:https://www.wago.com/medias/vulnerability-in-the-wago-ethernet-tcp-ip-driver.pdf?context=bwfzdgvyfhjvb3r8mjgxndk0fgfwcgxpy2f0aw9ul3bkznxootcvadhklzkxntaymjmymja3njyucgrmfgrlnwq4odc0nte5m2uyntuwntiyndrlowfknwi2yjnkmzg0ytvhyzlmytbjnzm4mddmnmyzotm5m2zlmgeznze
Trust: 1.7
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-8836
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2018-8836
Trust: 0.8
url: http://www.wago.com/
Trust: 0.3
url:https://www.wago.com/medias/vulnerability-in-the-wago-ethernet-tcp-ip-driver.pdf?context=bwfzdgvyfhjvb3r8mjgxndk0fgfwcgxpy2f0aw9ul3bkznxootcvadhklzkxntaymjmymja3njyucgrmfgrlnwq4odc0nte5m2uyntuwntiyndr
Trust: 0.3
sources:
            
            
            CNVD: CNVD-2018-07035 // 
            
            
            
            VULHUB: VHN-138868 // 
            
            
            
            BID: 103726 // 
            
            
            
            JVNDB: JVNDB-2018-004285 // 
            
            
            
            CNNVD: CNNVD-201804-135 // 
            
            
            
            NVD: CVE-2018-8836

CREDITS
Younes Dragoni
Trust: 0.3
sources:
            
            
            BID: 103726

SOURCES
db:IVDid:e2ea7d81-39ab-11e9-933f-000c29342cb1
db:CNVDid:CNVD-2018-07035
db:VULHUBid:VHN-138868
db:BIDid:103726
db:JVNDBid:JVNDB-2018-004285
db:CNNVDid:CNNVD-201804-135
db:NVDid:CVE-2018-8836

LAST UPDATE DATE
2024-11-23T23:12:08.744000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2018-07035date:2018-04-04T00:00:00
db:VULHUBid:VHN-138868date:2019-10-09T00:00:00
db:BIDid:103726date:2018-03-29T00:00:00
db:JVNDBid:JVNDB-2018-004285date:2018-06-15T00:00:00
db:CNNVDid:CNNVD-201804-135date:2019-10-17T00:00:00
db:NVDid:CVE-2018-8836date:2024-11-21T04:14:25.160

SOURCES RELEASE DATE
db:IVDid:e2ea7d81-39ab-11e9-933f-000c29342cb1date:2018-04-04T00:00:00
db:CNVDid:CNVD-2018-07035date:2018-04-04T00:00:00
db:VULHUBid:VHN-138868date:2018-04-03T00:00:00
db:BIDid:103726date:2018-03-29T00:00:00
db:JVNDBid:JVNDB-2018-004285date:2018-06-15T00:00:00
db:CNNVDid:CNNVD-201804-135date:2018-04-03T00:00:00
db:NVDid:CVE-2018-8836date:2018-04-03T13:29:00.277