Automate Recon and scanning process with Vidoc. All security teams in one place
By kannthu
The "Honeywell Scada System Information Disclosure" module is designed to detect a specific vulnerability in the Honeywell SCADA system. This vulnerability allows unauthorized access to sensitive information, potentially leading to a breach of confidentiality. The severity of this vulnerability is classified as low.
This module was authored by alperenkesk.
If exploited, the "Honeywell Scada System Information Disclosure" vulnerability can expose critical system information, such as the DeviceSubClass and IPAddress. This information can be leveraged by attackers to gain a deeper understanding of the target system and potentially launch further attacks.
The module sends an HTTP GET request to the "/web_caps/webCapsConfig" path of the target system. It then applies matching conditions to determine if the vulnerability is present.
The matching conditions for this module are:
- The response must contain the words "DeviceSubClass" and "IPAddress". - The HTTP status code of the response must be 200.If both conditions are met, the module will report the vulnerability.
For example, the module's HTTP request may look like this:
GET /web_caps/webCapsConfig
It is important to note that this module is designed to detect the vulnerability, not to fix or mitigate it. Once the vulnerability is detected, appropriate actions should be taken to address the issue and enhance the security of the Honeywell SCADA system.
For more information, you can refer to the reference.