Detections
Analytics
Schneider Electric Modicon Modbus Protocol Violation of Secure Design Principles
medium Nessus Network Monitor Plugin ID 720117
Synopsis
A Violation of Secure Design Principles issue was discovered in Schneider Electric Modicon Modbus Protocol.Description
A Violation of Secure Design Principles issue was discovered in Schneider Electric Modicon Modbus Protocol. The Modicon Modbus protocol has a session-related weakness making it susceptible to brute-force attacks.Solution
Perform vendor recommended mitigations and apply available vendor upgrades.See Also
https://ics-cert.us-cert.gov/advisories/ICSA-17-101-01,http://www.securityfocus.com/bid/97562
Plugin Details
Severity: Medium
ID: 720117
Family: SCADA
Published: 5/8/2019
Updated: 9/30/2019
Risk Information
VPR
Risk Factor: Low
Score: 1.4
CVSS v2
Risk Factor: Medium
Base Score: 5
Temporal Score: 3.7
Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N
CVSS v3
Risk Factor: Medium
Base Score: 5.3
Temporal Score: 4.6
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C
Vulnerability Information
Patch Publication Date: 4/11/2017
Vulnerability Publication Date: 4/11/2017
Reference Information
CVE: CVE-2017-6032
BID: 97562