Advantech Products Session Cookie Predictability Vulnerability Allowing Account Takeover
Vulnerability
Certain Advantech products generate predictable session cookies, which allows an unauthenticated attacker to guess a valid session cookie by brute force and take over the corresponding account. Depending on the account compromised, this can yield root, admin, or user access and permit password resets. The vulnerability affects the WISE-4010LAN, WISE-4050LAN, and WISE-4060LAN products.
Impact
Exploitation allows for account takeover, with potential access to root, admin, or user privileges, depending on the compromised account.
Remediation
Users and administrators are advised to enable the Security Mode feature, which is available in earlier firmware versions as well; it restricts access to unsecured web interfaces and disables unnecessary services. For the WISE-4010LAN, WISE-4050LAN, and WISE-4060LAN, firmware version A2.02 B00 automatically disables the JTAG interface during normal operation. Users should update to this version and enable Security Mode.
