DNP3.Broadcast.Request.Authorized.Client
Description
This indicates that a request packet was broadcasted to all devices on the network. An attacker can issue a request packet to a network of PLCs or other DNP3 servers to glean information of what devices are on the network.
The Distributed Network Protocol (DNP3) is an industry standard for inter-operations between devices and is commonly found in SCADA systems. DNP3 enables data and command exchange between a server and a client device. The server sends commands and controls the operation of a client device.
Affected Products
DNP3 servers and clients
Impact
Information leakage
Recommended Actions
Limit network access to vulnerable devices. Investigate the source of the traffic to prevent further attacks.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |