CVE-2024-39364 Information

Description

Advantech ADAM-5630 has built-in commands that can be executed without authenticating the user. These commands allow for restarting the operating system rebooting the hardware and stopping the execution. The commands can be sent to a simple HTTP request and are executed by the device automatically without discrimination of origin or level of privileges of the user sending the commands.

Reference

https://www.cisa.gov/news-events/ics-advisories/icsa-24-270-02