Intrusion Prevention
DNP3.Broadcast.Request.Authorized.Client
Description
This indicates that a request packet was broadcasted to all devices on the network. An attacker can issue a request packet to a network of PLCs or other DNP3 servers to glean information of what devices are on the network.
The Distributed Network Protocol (DNP3) is an industry standard for inter-operations between devices and is commonly found in SCADA systems. DNP3 enables data and command exchange between a server and a client device. The server sends commands and controls the operation of a client device.
Affected Products
DNP3 servers and clients
Impact
Information leakage
Recommended Actions
Limit network access to vulnerable devices. Investigate the source of the traffic to prevent further attacks.