Multiple vulnerabilities in Gessler GmbH WEB-MASTER

1) Use of Weak Credentials

EUVDB-ID: #VU86026

Risk: High

CVSSv3.1: 8.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-1039

CWE-ID: CWE-1391 - Use of Weak Credentials

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise the target system.

The vulnerability exists due to weak hard coded credentials. A remote attacker can gain control over the web management of the device.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

WEB-MASTER: 7.9

External links

http://www.cisa.gov/news-events/ics-advisories/icsa-24-032-01

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Reversible One-Way Hash

EUVDB-ID: #VU86030

Risk: Low

CVSSv3.1: 3.9 [CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-1040

CWE-ID: CWE-328 - Use of Weak Hash

Exploit availability: No

Description

The vulnerability allows a local user to compromise the target system.

The vulnerability exists due to user account is stored using a weak hashing algorithm. A local administrator can restore the passwords by breaking the hashes stored on the device.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

WEB-MASTER: 7.9

External links

http://www.cisa.gov/news-events/ics-advisories/icsa-24-032-01

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.