Delta Electronics DVP-12SE Modbus/TCP Cleartext Transmission of Sensitive Information Vulnerability
Vulnerability
A vulnerability exists in the Delta Electronics DVP-12SE product, all versions, allowing for cleartext transmission of sensitive information over Modbus/TCP. This vulnerability could lead to unauthorized interception of data being transmitted, potentially exposing critical information to malicious actors.
Impact
Exploitation of this vulnerability could result in the unauthorized interception of sensitive information transmitted over Modbus/TCP, creating risks associated with data confidentiality and integrity.
Remediation
Users are advised to implement robust network-level countermeasures in accordance with industry best practices for security. This includes utilizing the product's IP whitelisting feature to restrict Modbus/TCP access to trusted client IP addresses, implementing network segmentation to isolate the product within a secure zone, and using industrial firewalls to monitor Modbus/TCP traffic.
Vulnerability Rating
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.