Modicon PLC IO Scan Status SNMP Request Scan Status Remote Disclosure

medium Nessus Plugin ID 23824

Language:

Synopsis

It is possible to obtain the scan status of a Modicon PLC using an SNMP Get Request.

Description

The Modicon Quantum, Premium and Momentum brands of PLC's have a private SNMP MIB that is available on the Internet. The scan status has been obtained via an SNMP Get Request. The scan status is either idle, operational or stopped.

An attacker may use this information to determine the status of a PLC.

Solution

Change default community strings to a value not easily guessed and filter access to the SNMP port.

Plugin Details

Severity: Medium

ID: 23824

File Name: scada_modicon_snmp_iostatus.nbin

Version: 1.131

Type: remote

Family: SCADA

Published: 12/11/2006

Updated: 3/19/2024

Supported Sensors: Nessus

Risk Information

CVSS v2

Risk Factor: Medium

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Information

Required KB Items: SNMP/community, SCADA/Device/Modicon

Detections

Analytics