H3-2022-0009

Simple Network Management Protocol (SNMP) Port Exposed to the Internet

Description

The Simple Network Management Protocol (SNMP) service is exposed to the Internet. SNMP is used for exchanging management information between network devices such as routers or switches. An attacker can exploit this exposure by scanning for devices listening on SNMP ports and trying to access them using common weak or default community strings.

Impact

This misconfiguration enables an attacker to potentially gain unauthorized access to the network device's configuration and operational data. An attacker could also potentially modify device configuration, leading to further compromise and disruption.

References

• Internet Accessible SNMP Server
• MITRE ATT&CK Technique: T1133: External Remote Services