CVE-2026-12819 PUBLISHED

DVP-12SE Missing Authentication and Unauthorized Write access Vulnerability

Assigner: Deltaww
Reserved: 21.06.2026 Published: 30.06.2026 Updated: 30.06.2026

The Delta Electronics DVP-12SE PLC exposes a Modbus TCP service over a specified port without authentication or access control, permitting unauthenticated interaction with security-sensitive PLC functions.

Metrics

CVSS Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
CVSS Score: 9.3

Product Status

Vendor deltaww
Product DVP-12SE
Versions Default: unaffected
  • Version * is affected

Workarounds

Users are advised to take the following mitigation measures:

  • Enable the IP Filter feature: Configure and enable the PLC's built-in IP Filter function via the programming software. Restrict access exclusively to the IP addresses of trusted devices (such as designated HMI panels or SCADA hosts) to block unauthorized network access.

  • Set up PLC password protection: Enable password protection for the PLC within the programming software to ensure the device's core control logic and parameters cannot be easily downloaded, overwritten, or tampered with.

  • Implement network isolation and firewall protection: Deploy the PLC within an independent local area network (OT control network) secured by a firewall. Never connect the device directly to the office network or the Internet. If remote access is required, enforce the use of a secure, authorized VPN tunnel.
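
To check that the IP Filter and firewall measures above are holding, captured traffic addressed to the PLC can be audited for Modbus requests from hosts outside the allowlist, with write requests called out separately. The following is an added example, not part of the advisory or any Delta tooling. It assumes the standard Modbus TCP port 502 (the advisory does not name the port), records of the form (source IP, destination port, TCP payload), and constructed addresses and frames.

```python
import ipaddress
import struct

# Assumption: the advisory does not name the port; 502 is the standard Modbus TCP port.
MODBUS_PORT = 502
# Modbus function codes that change coil or register state on the device.
WRITE_FUNCTIONS = {
    0x05: "Write Single Coil", 0x06: "Write Single Register",
    0x0F: "Write Multiple Coils", 0x10: "Write Multiple Registers",
    0x16: "Mask Write Register", 0x17: "Read/Write Multiple Registers",
}

def parse_request(payload: bytes):
    """Return (unit_id, function_code) for a well-formed Modbus TCP request, else None."""
    if len(payload) < 8:
        return None
    _tid, proto, length, unit = struct.unpack(">HHHB", payload[:7])
    # MBAP header: protocol id is 0 and length counts the unit id plus the PDU.
    if proto != 0 or length != len(payload) - 6:
        return None
    return unit, payload[7]

def audit(records, trusted):
    """Flag Modbus requests that are malformed or come from outside the allowlist."""
    nets = [ipaddress.ip_network(t) for t in trusted]
    findings = []
    for src, dport, payload in records:
        if dport != MODBUS_PORT:
            continue
        parsed = parse_request(payload)
        if parsed is None:
            findings.append((src, "malformed", None))
        elif not any(ipaddress.ip_address(src) in n for n in nets):
            name = WRITE_FUNCTIONS.get(parsed[1])
            findings.append((src, "untrusted-write" if name else "untrusted-read", name))
    return findings

# Constructed sample data (documentation address ranges, hand-built frames).
TRUSTED = ["192.0.2.10/32"]  # hypothetical HMI allowed by the IP Filter
SAMPLE = [
    ("192.0.2.10", 502, bytes.fromhex("000100000006010600000001")),
    ("198.51.100.7", 502, bytes.fromhex("000200000006010300000002")),
    ("198.51.100.7", 502, bytes.fromhex("00030000000901100000000102002a")),
    ("198.51.100.7", 80, b"GET / HTTP/1.1\r\n"),
    ("198.51.100.9", 502, bytes.fromhex("00040000")),
]

if __name__ == "__main__":
    print(*audit(SAMPLE, TRUSTED), sep="\n")
```

Any finding from a correctly filtered segment means the allowlist is incomplete or the traffic is bypassing the filter; an empty result is the expected state.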

Credits

  • CISA (coordinator)
  • Adm Bin Harbi (0xnoag), Corvo Security (reporter)

Problem Types

  • CWE-306: Missing Authentication for Critical Function

Impacts

  • CAPEC-115: Authentication Bypass