Modicon Modbus/TCP Programming Function Code Access

This script is Copyright (C) 2006-2011 Tenable Network Security, Inc.


Synopsis :

A Modicon PLC Modbus TCP interface is listening on TCP port 502 and
accessible via proprietary function code 126.

Description :

The proprietary Modbus/TCP function code 126 is active on this Modbus
slave. An attacker that is able to gain network access to this device
may be able to reprogram PLC logic or otherwise impact the integrity
of the physical process.

Solution :

Restrict incoming traffic on this port to authorized Modbus TCP
clients.

Risk factor :

Medium / CVSS Base Score : 6.4
(CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:P)

Family: SCADA

Nessus Plugin ID: 23819 ()

Bugtraq ID:

CVE ID: