Modbus/TCP Coil Access

This script is Copyright (C) 2006-2016 Tenable Network Security, Inc.

Synopsis :

Coils from a Modicon field device, such as a PLC, RTU, or IED, can be
read using function code 1.

Description :

Using function code 1, Modbus can reads the coils in a Modbus slave,
which is commonly used by SCADA and DCS field devices. Coils refer
to the binary output settings and are typically mapped to actuators.
A sample of coil settings read from the device are provided by the
plugin output.

The ability to read coils may help an attacker profile a system and
identify ranges of registers to alter via a write coil message.

See also :

Solution :

Restrict access to the Modbus port (TCP/502) to authorized Modbus

Risk factor :

Medium / CVSS Base Score : 5.0

Family: SCADA

Nessus Plugin ID: 23817 ()

Bugtraq ID:


Ready to Scan Unlimited IPs & Run Compliance Checks?

Upgrade to Nessus Professional today!

Buy Now

Combine the Power of Nessus with the Ease of Cloud

Start your free Nessus Cloud trial now!

Begin Free Trial