Intrusion Prevention

DNP3.Broadcast.Request.Authorized.Client

Description

This indicates that a request packet was broadcasted to all devices on the network. An attacker can issue a request packet to a network of PLCs or other DNP3 servers to glean information of what devices are on the network.
The Distributed Network Protocol (DNP3) is an industry standard for inter-operations between devices and is commonly found in SCADA systems. DNP3 enables data and command exchange between a server and a client device. The server sends commands and controls the operation of a client device.

Affected Products

DNP3 servers and clients

Impact

Information leakage

Recommended Actions

Limit network access to vulnerable devices. Investigate the source of the traffic to prevent further attacks.