Wago 750 Series PLCs with firmware version 10 and prior include a remote attack may take advantage of an improper implementation of the 3 way handshake during a TCP connection affecting the communications with commission and service tools. Specially crafted packets may also be sent to Port 2455/TCP/IP, used in Codesys management software, which may result in a denial-of-service condition of communications with commissioning and service tools.
AI analysis not yet available
Plain-English explanation, risk summary, and remediation steps will appear here once AI analysis is complete.
No Fix Known
No patch has been released yet. Apply workarounds or mitigations where available.
| Vendor | Product | Versions | Fixed In |
|---|---|---|---|
| wago | 750-880_firmware | 10 | - |
| wago | 750-881_firmware | 10 | - |
| wago | 750-852_firmware | 10 |
Published
CVE disclosed publicly
Last Modified
Most recent update
Indexed to CVEInsight
Added to this platform
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
8
Affected Products
6
References
wago / 750-880_firmware
| - |
| wago | 750-882_firmware | 10 | - |
| wago | 750-885_firmware | 10 | - |
| wago | 750-831_firmware | 10 | - |
| wago | 750-889_firmware | 10 | - |
| wago | 750-829_firmware | 10 | - |
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Exploitability
Impact