ICCP/COTP (ISO 8073) Protocol Detection

This script is Copyright (C) 2006-2017 Tenable Network Security, Inc.

Synopsis :

COTP (ISO 8073) is running on the host and may be part of an ICCP
server, MMS application, or substation automation device that uses
IEC61850 / UCA.

Description :

The ICCP stack (and other protocols such as MMS and IEC 61850) include
ISO 8073 (RFC 905) at the Transport Layer. ISO 8073 specifies the
Connection Oriented Transport Protocol (COTP) that uses a pair of user
configurable 16-bit numeric, or in some cases ASCII string values, to
identify client endpoints called Transport Service Access Points

Note that ICCP by itself does not offer protection against
eavesdropping, spoofing, man-in-the-middle, and similar attacks.

See also :


Solution :

Either limit traffic to this port to authorized hosts or upgrade to
Secure ICCP, which protects the basic protocol with SSL / TLS
encryption and digital certificates.

Risk factor :

Medium / CVSS Base Score : 5.1

Family: SCADA

Nessus Plugin ID: 23811 ()

Bugtraq ID:


Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now