Detections
Analytics

Modbus/TCP Device Identification

medium Nessus Plugin ID 83301

Language:

Synopsis

Read the Modbus/TCP Device Identification using the Encapsulated Interface Transport code 43 and MEI Type 14.

Description

Nessus sent a Modbus Encapsulated Interface read request with MEI type 14 to obtain the device's Vendor Name, Product Code, and Major and Minor Revision. If supported, the data can include Vendor URL, Product Name, Model Name, and User Application Name. The alternative is to detect Modbus on valid error responses from a device not supporting the function code 43 and MEI 14.

Solution

Restrict access to the Modbus port (TCP/502) to authorized Modbus clients.

See Also

http://www.modbus.org/

Plugin Details

Severity: Medium

ID: 83301

File Name: scada_modbus_dev_id_check.nbin

Version: 1.71

Type: remote

Family: SCADA

Published: 5/10/2015

Updated: 7/17/2024

Supported Sensors: Nessus

Risk Information

CVSS Score Rationale: Info disclosure

CVSS v2

Risk Factor: Medium

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

CVSS Score Source: manual

CVSS v3

Risk Factor: Medium

Base Score: 5.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N