OTPulse
FeedAboutContact

WAGO 750 Series

Monitor5.3ICS-CERT ICSA-18-088-01Mar 29, 2018
Attack VectorNetwork
Auth RequiredNone
ComplexityLow
User InteractionNone needed
Summary

WAGO 750-series controllers (firmware versions 10 and earlier) contain an unhandled exception vulnerability (CWE-404) that can be triggered remotely without authentication. A crafted network packet will crash the controller, causing a denial of service condition. The vulnerability is remotely exploitable with low skill level and requires only network access to the device.

What this means
What could happen
An attacker with network access to a WAGO 750 controller can cause a denial of service condition, interrupting process operations or data collection until the device is restarted.
Who's at risk
Water utilities and electric utilities using WAGO 750-series controllers (880, 881, 831, 882, 852, 885, 889, 829) for process automation, I/O management, or data acquisition systems should treat this as a network availability risk affecting critical infrastructure operations.
How it could be exploited
An attacker sends a specially crafted network packet to the affected WAGO device, triggering an unhandled exception (CWE-404) that crashes the controller. This requires only network reachability to the device and no authentication credentials.
Prerequisites
  • Network access to the WAGO 750 device on its service port (port 502 or management interface)
  • No authentication required
remotely exploitableno authentication requiredlow complexityno patch availableaffects control system availability
Exploitability
Moderate exploit probability (EPSS 3.3%)
Affected products (8)
8 EOL
ProductAffected VersionsFix Status
750-880 firmware:≤ 10No fix (EOL)
750-881 firmware:≤ 10No fix (EOL)
750-831 firmware:≤ 10No fix (EOL)
750-882 firmware:≤ 10No fix (EOL)
750-852 firmware:≤ 10No fix (EOL)
750-885 firmware:≤ 10No fix (EOL)
750-889 firmware:≤ 10No fix (EOL)
750-829 firmware:≤ 10No fix (EOL)
Remediation & Mitigation
0/4
Do now
0/2
WORKAROUNDRestrict network access to WAGO 750 controllers using firewall rules; allow only trusted engineering workstations and control system devices to reach management ports
HARDENINGEnsure WAGO 750 controllers are not reachable from the Internet; verify no port forwarding or VPN rules expose these devices to external networks
Mitigations - no patch available
0/2
The following products have reached End of Life with no planned fix: 750-880 firmware:, 750-881 firmware:, 750-831 firmware:, 750-882 firmware:, 750-852 firmware:, 750-885 firmware:, 750-889 firmware:, 750-829 firmware:. Apply the following compensating controls:
HARDENINGPlace WAGO 750 controllers behind a firewall and isolate the control system network from the business/corporate network
HARDENINGIf remote access to WAGO devices is necessary, use a VPN with current security patches and restrict access to specific engineering personnel only
View full CISA ICS-CERT advisory
↑↓ Navigate · Esc Close
API: /api/v1/advisories/96f9367f-a502-4b9c-a91b-f0ed8c18aa6b
WAGO 750 Series | CVSS 5.3 - OTPulse