DNP3 Link Layer Brute Force Addressing Disclosure

This script is Copyright (C) 2006-2017 Tenable Network Security, Inc.

Synopsis :

It is possible to determine the link layer address of a DNP3 station
by iterating through likely values.

Description :

The DNP3 protocol is a multi-layer protocol that begins with a link
layer connection. The DNP3 link layer address is required to
establish a link layer connection. The DNP3 link layer address for
the host was easily guessed, and a valid DNP3 link layer connection
was established.

If a link layer connection is successful, additional Read/Write
operations to compromise the integrity process control data may be

Solution :

Select more complex link layer addresses or filter access to TCP port

Risk factor :

Medium / CVSS Base Score : 5.0

Family: SCADA

Nessus Plugin ID: 23808 ()

Bugtraq ID:


Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now