DNP3 Link Layer Brute Force Addressing Disclosure

medium Nessus Plugin ID 23808

Synopsis

It is possible to determine the link layer address of a DNP3 station by iterating through likely values.

Description

The DNP3 protocol is a multi-layer protocol that begins with a link layer connection. The DNP3 link layer address is required to establish a link layer connection. The DNP3 link layer address for the host was easily guessed, and a valid DNP3 link layer connection was established.

If a link layer connection is successful, additional Read/Write operations that compromise the integrity of process control data may be possible.

Solution

Select more complex link layer addresses or filter access to TCP port 20000.
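
As an added example (not part of the Nessus plugin or its documentation), the Python code below shows how a defender could spot this kind of address iteration at a monitoring point. It parses the DNP3 link-layer header from captured TCP port 20000 payloads and flags any peer that addresses many distinct link-layer destinations within a short window. The function names, window, threshold and sample events are assumptions constructed for illustration, and the header CRC is not verified.

```python
import struct
from collections import defaultdict, deque

DNP3_START = b"\x05\x64"   # link-layer start octets
HEADER_LEN = 10            # start(2) len(1) ctrl(1) dest(2) src(2) crc(2)

def parse_link_header(payload):
    """Return (dest, src, control) from a link-layer header, else None.
    The header CRC is not verified here (assumption: sweep counting only)."""
    if len(payload) < HEADER_LEN or payload[:2] != DNP3_START:
        return None
    length, control, dest, src = struct.unpack_from("<BBHH", payload, 2)
    if length < 5:         # LEN covers control + dest + src at minimum
        return None
    return dest, src, control

def find_address_sweeps(events, window=60.0, threshold=10):
    """events: (timestamp, peer_ip, tcp_payload) tuples sorted by time.
    Returns {peer_ip: (alert_time, distinct_dests)} for each peer that
    addressed >= threshold distinct destinations within `window` seconds."""
    recent = defaultdict(deque)          # peer -> deque of (ts, dest)
    alerts = {}
    for ts, peer, payload in events:
        header = parse_link_header(payload)
        if header is None:
            continue
        seen = recent[peer]
        seen.append((ts, header[0]))
        while seen[0][0] < ts - window:  # expire entries outside the window
            seen.popleft()
        distinct = len({dest for _, dest in seen})
        if distinct >= threshold and peer not in alerts:
            alerts[peer] = (ts, distinct)
    return alerts

def constructed_events():
    """Constructed sample traffic (hypothetical IPs, header-only frames)."""
    def frame(dest, src):
        return struct.pack("<2sBBHH2s", DNP3_START, 5, 0xC4, dest, src, b"\0\0")
    # Known master polling one outstation address every 5 seconds.
    events = [(100.0 + 5 * i, "10.0.0.5", frame(10, 1)) for i in range(20)]
    # Unknown peer walking destination addresses 0..14, one per second.
    events += [(100.0 + i, "10.0.0.99", frame(i, 1024)) for i in range(15)]
    return sorted(events, key=lambda e: e[0])

if __name__ == "__main__":
    for peer, (ts, n) in find_address_sweeps(constructed_events()).items():
        print(f"{peer}: {n} distinct DNP3 destinations by t={ts}")
```

In a real deployment the threshold should sit above the number of outstation addresses a legitimate master polls through the monitored path.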

Plugin Details

Severity: Medium

ID: 23808

File Name: scada_dnp3_guess_linkaddr.nbin

Version: 1.74

Type: remote

Family: SCADA

Published: 12/11/2006

Updated: 3/19/2024

Supported Sensors: Nessus

Risk Information

CVSS v2

Risk Factor: Medium

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N