ICSA-24-032-01 · Published 2025-08-07 · View on CISA ICS-CERT ↗

Gessler GmbH WEB-MASTER

CVSS 9.8 CRITICAL

Risk Summary

Successful exploitation of these vulnerabilities could allow a user to take control of the web management of the device. An attacker with access to the device could also extract and break the password hashes for all users stored on the device.

CVEs (2)

CVE-2024-1039 CVE-2024-1040

Remediations

Gessler GmbH recommends updating EZ2 to 3.2 or greater and WebMaster to 4.4 or greater to mitigate these vulnerabilities. Updates have to be applied by Gessler GmbH technicians. For more information contact Gessler GmbH.

Affected Vendors

Gessler GmbH

Affected Products (1)

Gessler GmbH · WEB-MASTER 7.9

Affected Sectors

Critical Manufacturing

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more