DNP3 Binary Inputs Access Remote Information Disclosure

medium Nessus Plugin ID 23809

Synopsis

It is possible to read binary inputs using DNP3 from RTU/IED.

Description

DNP3 Application Layer function code 1 (Read) allows object values to be read across the network. Binary input settings are typically mapped to relays or other sensors which are either on or off.

The ability to read binary inputs may help an attacker profile a system.

Solution

Restrict access to TCP port 20000.

Plugin Details

Severity: Medium

ID: 23809

File Name: scada_dnp3_readbinary.nbin

Version: 1.59

Type: remote

Family: SCADA

Published: 12/11/2006

Updated: 8/15/2022

Risk Information

CVSS v2

Risk Factor: Medium

Base Score: 5

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Information