You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
modbus authentication
About this tag
Modbus authentication is a critical security concern in industrial control systems, as highlighted by the ICSA-26-099-02 advisory for GPL750 Modbus Missing Authentication. This vulnerability affects GPL Odorizers GPL750 systems, where a low-privileged remote attacker can send Modbus packets to manipulate register values, potentially causing incorrect gas odorization. The advisory covers multiple controller families and firmware lines, with mitigation requiring updates to GPL750 software and the underlying Horner firmware stack, plus hardening access to the control network. This tag covers discussions on missing authentication in Modbus protocols, focusing on industrial cybersecurity and patch management for operational technology.
The release of ICSA-26-099-02 turns a niche industrial product into a straightforward reminder of how dangerous missing authentication can be in operational technology. CISA says a low-privileged remote attacker could send Modbus packets to manipulate register values in GPL Odorizers GPL750...