Intrusion Prevention

DNP3.Read.Request.PLC

Description

This indicates that an unauthorized client attempted to read information from a PLC or other field device. Attackers could obtain sensitive system information to use in further attacks.
The Distributed Network Protocol (DNP3) is an industry standard for inter-operations between devices and is commonly found in SCADA systems. DNP3 enables data and command exchange between a sever and a client device. The server sends commands and controls the operation of a client device.

Affected Products

DNP3 servers and clients.

Impact

System compromise.

Recommended Actions

Limit network access to vulnerable devices. Investigate the source of the traffic to prevent further attacks.