CVE-2018-8836

Name: CVE-2018-8836
Creator: NVD / NIST
Published: 2018-04-03T13:29:00.277+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 3.63%

Last modified Jun 17, 2026

CVE-2018-8836 is a vulnerability of currently unknown severity. Wago 750 Series PLCs with firmware version 10 and prior include a remote attack may take advantage of an improper implementation of the 3 way handshake during a TCP connection affecting the communications with commission and service tools. Specially crafted packets may also be sent to Port 2455/TCP/IP, used in Codesys management software, which may result in a denial-of-service condition of communications with commissioning and service tools.. EPSS estimates a 3.63% chance of exploitation in the next 30 days.

Description

Wago 750 Series PLCs with firmware version 10 and prior include a remote attack may take advantage of an improper implementation of the 3 way handshake during a TCP connection affecting the communications with commission and service tools. Specially crafted packets may also be sent to Port 2455/TCP/IP, used in Codesys management software, which may result in a denial-of-service condition of communications with commissioning and service tools.

Metrics

EPSS Probability

3.63%

88.1th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

Vendor	Product	Versions
Wago	750-880 Firmware	<= 10
Wago	750-881 Firmware	<= 10
Wago	750-852 Firmware	<= 10
Wago	750-882 Firmware	<= 10
Wago	750-885 Firmware	<= 10
Wago	750-831 Firmware	<= 10
Wago	750-889 Firmware	<= 10
Wago	750-829 Firmware	<= 10

References

http://www.securityfocus.com/bid/103726Third Party Advisory, VDB Entry
https://ics-cert.us-cert.gov/advisories/ICSA-18-088-01Third Party Advisory, US Government Resource
https://www.wago.com/medias/Vulnerability-in-the-WAGO-Ethernet-TCP-IP-driver.pdf?context=bWFzdGVyfHJvb3R8MjgxNDk0fGFwcGxpY2F0aW9uL3BkZnxoOTcvaDhkLzkxNTAyMjMyMjA3NjYucGRmfGRlNWQ4ODc0NTE5M2UyNTUwNTIyNDRlOWFkNWI2YjNkMzg0YTVhYzlmYTBjNzM4MDdmNmYzOTM5M2ZlMGEzNzEVendor Advisory
http://www.securityfocus.com/bid/103726Third Party Advisory, VDB Entry
https://ics-cert.us-cert.gov/advisories/ICSA-18-088-01Third Party Advisory, US Government Resource
https://www.wago.com/medias/Vulnerability-in-the-WAGO-Ethernet-TCP-IP-driver.pdf?context=bWFzdGVyfHJvb3R8MjgxNDk0fGFwcGxpY2F0aW9uL3BkZnxoOTcvaDhkLzkxNTAyMjMyMjA3NjYucGRmfGRlNWQ4ODc0NTE5M2UyNTUwNTIyNDRlOWFkNWI2YjNkMzg0YTVhYzlmYTBjNzM4MDdmNmYzOTM5M2ZlMGEzNzEVendor Advisory

Timeline

Published: Apr 3, 2018
Last Modified: Jun 17, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2018-8836?

How severe is CVE-2018-8836?

Severity scoring for CVE-2018-8836 is pending analysis. The EPSS model estimates a 3.63% probability of exploitation in the next 30 days.

How do I fix CVE-2018-8836?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2018-8836?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST