Modbus/TCP Device Identification

This script is Copyright (C) 2015-2017 Tenable Network Security, Inc.


Synopsis :

Read the Modbus/TCP Device Identification using the Encapsulated
Interface Transport code 43 and MEI Type 14.

Description :

Nessus sent a Modbus Encapsulated Interface read request with MEI type
14 to obtain the device's Vendor Name, Product Code, and Major and
Minor Revision. If supported, the data can include Vendor URL, Product
Name, Model Name, and User Application Name. The alternative is to
detect Modbus on valid error responses from a device not supporting
the function code 43 and MEI 14.

See also :

http://www.modbus.org/

Solution :

Restrict access to the Modbus port (TCP/502) to authorized Modbus
clients.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N)

Family: SCADA

Nessus Plugin ID: 83301 ()

Bugtraq ID:

CVE ID:

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now