Vulnerabilities > CVE-2024-39275 - Unspecified vulnerability in Advantech Adam-5630 Firmware

047910
CVSS 8.8 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
network
low complexity
advantech

Summary

Cookies of authenticated Advantech ADAM-5630 users remain as active valid cookies when a session is closed. Forging requests with a legitimate cookie, even if the session was terminated, allows an unauthorized attacker to act with the same level of privileges of the legitimate user.

Vulnerable Configurations

Part Description Count
OS
Advantech
1
Hardware
Advantech
1