Modbus/TCP Device Identification

Medium Nessus Plugin ID 83301

Synopsis

Read the Modbus/TCP Device Identification using the Encapsulated Interface Transport code 43 and MEI Type 14.

Description

Nessus sent a Modbus Encapsulated Interface read request with MEI type 14 to obtain the device's Vendor Name, Product Code, and Major and Minor Revision. If supported, the data can include Vendor URL, Product Name, Model Name, and User Application Name. The alternative is to detect Modbus on valid error responses from a device not supporting the function code 43 and MEI 14.

Solution

Restrict access to the Modbus port (TCP/502) to authorized Modbus clients.

See Also

http://www.modbus.org/

Plugin Details

Severity: Medium

ID: 83301

File Name: scada_modbus_dev_id_check.nbin

Version: Revision: 1.30

Type: remote

Family: SCADA

Published: 2015/05/10

Modified: 2018/09/14

Dependencies: 23817, 23818

Risk Information

Risk Factor: Medium

CVSS Score Source: manual

CVSS Score Rationale: Info disclosure

CVSS v2.0

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

CVSS v3.0

Base Score: 5.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N