Modbus/TCP Coil Access
Medium Nessus Plugin ID 23817
SynopsisCoils from a Modicon field device, such as a PLC, RTU, or IED, can be read using function code 1.
DescriptionUsing function code 1, Modbus can reads the coils in a Modbus slave, which is commonly used by SCADA and DCS field devices. Coils refer to the binary output settings and are typically mapped to actuators.
A sample of coil settings read from the device are provided by the plugin output.
The ability to read coils may help an attacker profile a system and identify ranges of registers to alter via a write coil message.
SolutionRestrict access to the Modbus port (TCP/502) to authorized Modbus clients.