icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

Modicon PLC IO Scan Status Disclosure

Medium

Synopsis

The remote host may give an attacker information useful for future attacks.

Description

The Modicon Quantum, Premium and Momentum brands of PLCs have a private SNMP MIB that is available on the Internet. The scan status may be obtained via an SNMP Get Request. The scan status is either idle, operational or stopped. An attacker may use this information to determine the status of a PLC.

Solution

Change default community strings to a value not easily guessed and filter access to the SNMP port.