CVE-2024-22042

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Feb 13, 2024

CWE ID 648

Summary

CVE-2024-22042 is a newly discovered vulnerability affecting all versions of Unicam FX. The issue stems from the windows installer agent in the product, which erroneously utilizes privileged APIs. This misuse leads to the Windows Console Host (conhost.exe) being launched as a child process with SYSTEM privileges. Such a scenario presents an opportunity for attackers to execute local privilege escalation attacks.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/uBp2_U
https://www.cve.org/CVERecord?id=CVE-2024-22042
https://nvd.nist.gov/vuln/detail/CVE-2024-22042

Back to Vulnerability Database

CVE-2024-22042

CVSS 3.1 Score 7.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations