Vulnerability in Siemens Unicam Fx
CVE-2024-22042
A vulnerability has been identified in Unicam FX (All versions). The windows installer agent used in affected product contains incorrect use of privileged APIs that trigger the Windows Console Host (conhost.exe) as a child process with SYS…
EPSS: 0.001 (4.4th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 7.8 (High). Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H.
Affected products
- Siemens Unicam Fx — versions 0
- Siemens Unicam_fx
Weakness classification (CWE)
Public proof-of-concept exploits
References
- productcert@siemens.com (Vendor Advisory)
Frequently asked questions
- What is CVE-2024-22042?
- CVE-2024-22042 is a high-severity vulnerability in Siemens Unicam Fx, classified under CWE-648. CVSS score: 7.8/10. Published 2024-02-13.
- How severe is CVE-2024-22042?
- High severity. CVSS v3 base score is 7.8 out of 10.
- Is CVE-2024-22042 known to be exploited?
- 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.