CVE-2024-39275

Name of the Vulnerable Software and Affected Versions: Advantech ADAM-5630 (affected versions not specified)

Description: The issue concerns the cookies of authenticated Advantech ADAM-5630 users, which remain active and valid even after a session is closed. This allows an unauthorized attacker to forge requests with a legitimate cookie, granting them the same level of privileges as the legitimate user. The vulnerability may enable a remote attacker to gain unauthorized access to protected information and elevate their privileges.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.