The remote ICCP server has just disconnected an ICCP client due to a protocol error. Receiving a number of these alerts might be an indicator of an ongoing attack, a saturated SCADA network, or a misconfigured client/server architecture.
{"id": "6254.PRM", "vendorId": null, "type": "nessus", "bulletinFamily": "scanner", "title": "ICCP Invalid Client Disconnect (SCADA)", "description": "The remote ICCP server has just disconnected an ICCP client due to a protocol error. Receiving a number of these alerts might be an indicator of an ongoing attack, a saturated SCADA network, or a misconfigured client/server architecture.", "published": "2012-01-06T00:00:00", "modified": "2016-04-29T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "cvss2": {}, "cvss3": {}, "href": "https://www.tenable.com/plugins/nnm/6254", "reporter": "Tenable", "references": [], "cvelist": [], "immutableFields": [], "lastseen": "2021-08-19T12:59:11", "viewCount": 5, "enchantments": {"dependencies": {}, "score": {"value": 1.9, "vector": "NONE"}, "backreferences": {"references": [{"type": "openvas", "idList": ["OPENVAS:1361412562310813061"]}]}, "exploitation": null, "vulnersScore": 1.9}, "_state": {"dependencies": 1678955717, "score": 1684008354, "epss": 1679107841}, "_internal": {"score_hash": "49cd8b3a311f37434627dd91f36f4d16"}, "pluginID": "6254", "sourceData": "Binary data 6254.prm", "naslFamily": "SCADA", "cpe": [], "solution": "N/A", "nessusSeverity": "Info", "cvssScoreSource": "", "vendor_cvss2": {}, "vendor_cvss3": {}, "vpr": {}, "exploitAvailable": false, "exploitEase": "", "patchPublicationDate": null, "vulnerabilityPublicationDate": null, "exploitableWith": []}
ICCP Invalid Client Disconnect (SCADA)