Vulnerabilities > CVE-2024-22042 - Unspecified vulnerability in Siemens Unicam FX Firmware

CVSS 7.8 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

siemens

NVD

Published: 2024-02-13

Updated: 2024-10-21

Summary

A vulnerability has been identified in Unicam FX (All versions). The windows installer agent used in affected product contains incorrect use of privileged APIs that trigger the Windows Console Host (conhost.exe) as a child process with SYSTEM privileges. This could be exploited by an attacker to perform a local privilege escalation attack.

Vulnerable Configurations

Part	Description	Count
OS	Siemens Siemens Unicam FX Firmware *	1
Hardware	Siemens Siemens Unicam FX -	1

References

https://cert-portal.siemens.com/productcert/html/ssa-543502.html

Summary

Vulnerable Configurations

Related news

References