Modicon PLC Modbus Slave Mode SNMP Request Modbus Mode Remote Disclosure

This script is Copyright (C) 2006-2012 Tenable Network Security, Inc.


Synopsis :

It is possible to obtain the Modbus mode of a Modicon PLC using an
SNMP Get Request.

Description :

The Modicon Quantum, Premium and Momentum brands of PLC's have a
private SNMP MIB that is available on the Internet. The Modbus mode
has been obtained via an SNMP Get Request. The Modbus mode is either
direct, gateway, unit or some combination of these three types.

The Modbus mode could help an attacker determine the type of attack
necessary against the PLC.

Solution :

Change default community strings to a value not easily guessed and
filter access to the SNMP port.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N)

Family: SCADA

Nessus Plugin ID: 23825 ()

Bugtraq ID:

CVE ID: