Session Replay Attack Can Bypass Privilege Token Validation in Advantech ADAM-5630
CVE-2024-39275

8.8HIGH

Key Information:

Vendor: Advantech
Status: Adam-5630 Firmware
Vendor: CVE Published:; 27 September 2024

What is CVE-2024-39275?

The vulnerability in Advantech's ADAM-5630 device stems from improper session management, where cookies of authenticated users remain valid even after the session has been closed. This flaw allows an attacker to forge requests using a legitimate cookie, enabling them to execute actions with the same privileges as the authenticated user. The security risk is particularly concerning as it undermines user privacy and data integrity, highlighting the need for immediate remediation.

References

https://www.cisa.gov/news-events/ics-advisories/icsa-24-2...

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 27, 2024