Lucene search
K

Firmware Version Change Detected (High)

🗓️ 16 Apr 2025 00:00:00Reported by TenableType 
nessus
 nessus
🔗 www.tenable.com👁 3 Views

Firmware version change detected on remote OT asset, posing potential security risks.

Code
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##

include('compat.inc');

if (description)
{
  script_id(503164);
  script_version("1.1");
  script_set_attribute(attribute:"plugin_modification_date", value:"2025/04/16");

  script_name(english:"Firmware Version Change Detected (High)");

  script_set_attribute(attribute:"synopsis", value:
"A firmware version change has been detected on the remote OT asset.");
  script_set_attribute(attribute:"description", value:
"Changes in the controller firmware represent a major change in the
behavior of the device and usually cause a temporary interruption of
operations. An attacker could use firmware changes to add malicious
code to the controller, causing it to perform harmful operations
which are hard to detect.

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.");
  script_set_attribute(attribute:"solution", value:
"1) Check whether the firmware change was made as part of scheduled work and whether the source of the operation is approved for making such changes.

2) If this was not part of a planned operation, check the source asset of the event to determine if it has been compromised.");
  script_set_attribute(attribute:"risk_factor", value:"High");

  script_set_attribute(attribute:"plugin_publication_date", value:"2025/04/16");

  script_set_attribute(attribute:"plugin_type", value:"remote");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Tenable.ot Violation");
  
  script_copyright(english:"This script is Copyright (C) 2025 and is owned by Tenable, Inc. or an Affiliate thereof.");
  
  exit(0);
}

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

16 Apr 2025 00:00Current
5.5Medium risk
Vulners AI Score5.5
3