CVE-2024-39275 Information

Description

Cookies of authenticated Advantech ADAM-5630 users remain as active valid cookies when a session is closed. Forging requests with a legitimate cookie even if the session was terminated allows an unauthorized attacker to act with the same level of privileges of the legitimate user.

Reference

https://www.cisa.gov/news-events/ics-advisories/icsa-24-270-02