CVE-2023-41089 Information

Description

The affected product is vulnerable to an improper authentication vulnerability which may allow an attacker to impersonate a legitimate user as long as the device keeps the session active since the attack takes advantage of the cookie header to generate \legitimate\ requests.

Reference

https://www.cisa.gov/news-events/ics-advisories/icsa-23-271-02