Modicon PLC Modbus Slave Mode SNMP Request Modbus Mode Remote Disclosure

medium Nessus Plugin ID 23825

Synopsis

It is possible to obtain the Modbus mode of a Modicon PLC using an SNMP Get Request.

Description

The Modicon Quantum, Premium and Momentum brands of PLC's have a private SNMP MIB that is available on the Internet. The Modbus mode has been obtained via an SNMP Get Request. The Modbus mode is either direct, gateway, unit or some combination of these three types.

The Modbus mode could help an attacker determine the type of attack necessary against the PLC.

Solution

Change default community strings to a value not easily guessed and filter access to the SNMP port.

Plugin Details

Severity: Medium

ID: 23825

File Name: scada_modicon_snmp_modbus_type.nbin

Version: 1.130

Type: remote

Family: SCADA

Published: 12/11/2006

Updated: 2/22/2024

Supported Sensors: Nessus

Risk Information

CVSS v2

Risk Factor: Medium

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Information

Required KB Items: SNMP/community, SCADA/Device/Modicon