CVE-2024-22042

Severity Score

7.8

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

A vulnerability has been identified in Unicam FX (All versions). The windows installer agent used in affected product contains incorrect use of privileged APIs that trigger the Windows Console Host (conhost.exe) as a child process with SYSTEM privileges. This could be exploited by an attacker to perform a local privilege escalation attack.

Se ha identificado una vulnerabilidad en Unicam FX (todas las versiones). El agente de instalación de Windows utilizado en el producto afectado contiene un uso incorrecto de API privilegiadas que activan el host de la consola de Windows (conhost.exe) como un proceso secundario con privilegios de SYSTEMA. Un atacante podría aprovechar esto para realizar un ataque de escalada de privilegios local.

*Credits: N/A

CVSS Scores

Siemens AGv3.1 7.8

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2024-01-04 CVE Reserved
2024-02-13 CVE Published
2024-02-14 EPSS Updated
2024-08-01 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-648: Incorrect Use of Privileged APIs

CAPEC

References (1)

URL	Tag	Source
https://cert-portal.siemens.com/productcert/html/ssa-543502.html

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Siemens Search vendor "Siemens"		Unicam FX Search vendor "Siemens" for product "Unicam FX"				0 Search vendor "Siemens" for product "Unicam FX" and version "0"		en		Affected