Answered step by step
Verified Expert Solution
Question
1 Approved Answer
You are a network manager for Green Power Production (GPP) Corporation and while on a routine check, you have documented a vulnerability with an
You are a network manager for Green Power Production (GPP) Corporation and while on a routine check, you have documented a vulnerability with an loT device. GPP Corp uses loT devices in their manufacturing facility for monitoring and management of a wide variety of equipment. During a security audit, a malware was discovered on the PLC that controls the operation of turbine 1. The PLC 1 can communicate with the other four PLCs that control the four turbines. At any time only 3 turbines are running. During further check it was revealed that the telnet protocol is enabled on port 5023 and data can transfer without any problem. However, there are no logs corresponding to any data transfer in or out from the compromised device yet. The other PLCs are not affected yet however they all receive the instruction in broadcast. The compromised loT device stores only the program to control the turbine in a machine readable format, however the instructions turn on or turn off from the operation manager computer are communicated in plain text over the network. 1. What is the Base Score for the vulnerability?CVSS 4.0 or 3.0 can be used.(3)
Step by Step Solution
There are 3 Steps involved in it
Step: 1
To calculate the Base Score for the vulnerability we can use the Common Vulnerability Scoring System ...Get Instant Access to Expert-Tailored Solutions
See step-by-step solutions with expert insights and AI powered tools for academic success
Step: 2
Step: 3
Ace Your Homework with AI
Get the answers you need in no time with our AI-driven, step-by-step assistance
Get Started