Detections
Analytics
Schneider Electric Modicon Modbus Protocol Authentication Bypass
critical Nessus Network Monitor Plugin ID 720119
Synopsis
An Authentication Bypass by Capture-Replay issue was discovered in Schneider Electric Modicon Modbus Protocol.Description
An Authentication Bypass by Capture-Replay issue was discovered in Schneider Electric Modicon Modbus Protocol. Sensitive information is transmitted in cleartext in the Modicon Modbus protocol, which may allow an attacker to replay the following commands: run, stop, upload, and download.Solution
Perform vendor recommended mitigations and apply available vendor upgrades.See Also
https://ics-cert.us-cert.gov/advisories/ICSA-17-101-01,http://www.securityfocus.com/bid/97562
Plugin Details
Severity: Critical
ID: 720119
Family: SCADA
Published: 5/8/2019
Updated: 9/30/2019
Risk Information
VPR
Risk Factor: Medium
Score: 5.9
CVSS v2
Risk Factor: High
Base Score: 7.5
Temporal Score: 5.5
Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS v3
Risk Factor: Critical
Base Score: 9.8
Temporal Score: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C
Vulnerability Information
Patch Publication Date: 4/11/2017
Vulnerability Publication Date: 4/11/2017
Reference Information
CVE: CVE-2017-6034
BID: 97562