Modbus/TCP Coil Access

This script is Copyright (C) 2006-2012 Tenable Network Security, Inc.


Synopsis :

Coils can be read from a Modicon field device such as a PLC, RTU or IED
using function code (FC) 1.

Description :

Modbus uses function code 1 to read coils in a Modbus slave. The
protocol is commonly used by SCADA and DCS field devices. Coils
represent binary output settings and are typically mapped to actuators.
A sample of coil settings is provided in the plugin output.

The ability to read coils may help an attacker profile a system and
identify ranges of registers to alter via a write coil message.

See also :

http://www.modbus.org/

Solution :

Restrict access to the Modbus port (TCP/502) to authorized Modbus
clients.
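
To check that the restriction holds, the following added example (not part of the Tenable plugin) parses payloads seen on TCP/502 and reports FC 1 coil reads from clients outside an allowlist. The allowlist, the addresses and the sample frames are constructed assumptions, and each payload is assumed to carry exactly one Modbus/TCP frame.

```python
import struct
from ipaddress import ip_address

# Assumption: hypothetical allowlist of authorized Modbus clients.
AUTHORIZED_CLIENTS = {ip_address("192.0.2.10")}
READ_COILS = 0x01

def parse_read_coils(frame: bytes):
    """Return (unit_id, start_addr, quantity) if frame is a well-formed
    Modbus/TCP Read Coils (FC 1) request, otherwise None."""
    if len(frame) != 12:  # 7-byte MBAP header + 5-byte FC 1 request PDU
        return None
    _tid, proto, length, unit = struct.unpack(">HHHB", frame[:7])
    # Protocol ID is 0 for Modbus; length counts the bytes after the length field.
    if proto != 0 or length != len(frame) - 6:
        return None
    func, start, qty = struct.unpack(">BHH", frame[7:12])
    # A single FC 1 request may ask for 1 to 2000 coils.
    if func != READ_COILS or not 1 <= qty <= 2000:
        return None
    return unit, start, qty

def audit(observations):
    """observations: iterable of (src_ip, payload sent to TCP/502).
    Returns one finding per FC 1 read from a client outside the allowlist."""
    findings = []
    for src, payload in observations:
        req = parse_read_coils(payload)
        if req is None or ip_address(src) in AUTHORIZED_CLIENTS:
            continue
        unit, start, qty = req
        findings.append({"src": src, "unit": unit,
                         "first_coil": start, "last_coil": start + qty - 1})
    return findings

# Constructed sample traffic (not captured from a real device).
SAMPLE = [
    ("192.0.2.10", bytes.fromhex("000100000006010100000010")),    # authorized client, FC 1
    ("198.51.100.7", bytes.fromhex("0002000000060101000007d0")),  # unlisted host, FC 1
    ("198.51.100.7", bytes.fromhex("000300000006010300000002")),  # FC 3, not a coil read
    ("198.51.100.7", bytes.fromhex("00040000000601010000")),      # truncated frame
]

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```

Any finding means a host that should have been blocked at TCP/502 reached the device and learned which coil range it serves.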

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N)

Family: SCADA

Nessus Plugin ID: 23817

Bugtraq ID:

CVE ID: