Modicon PLC Default FTP Password (SCADA)

High Nessus Network Monitor Plugin ID 3851

Synopsis

The remote host is configured with default or easily-guessed credentials.

Description

The ethernet modules on Modicon Quantum, Premium and Micro brand PLC's have an FTP server. The FTP server has one account that can be modified. The default account has the ability to load programs and change the configuration and programming of the PLC.

Solution

Change the username and password for the FTP server.

Plugin Details

Severity: High

ID: 3851

File Name: 3851.prm

Family: SCADA

Published: 2006/12/11

Modified: 2016/09/30

Dependencies: 1803, 1804, 3222

Risk Information

Risk Factor: High