Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A vulnerability has been identified in Unicam FX (All versions). The windows installer agent used in affected product contains incorrect use of privileged APIs that trigger the Windows Console Host (conhost.exe) as a child process with SYSTEM privileges. This could be exploited by an attacker to perform a local privilege escalation attack.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
特权API的不正确使用
Vulnerability Title
Siemens Unicam FX 安全漏洞
Vulnerability Description
Siemens Unicam FX是德国西门子(Siemens)公司的一个常用的 NPI 软件工具。 Siemens Unicam FX 存在安全漏洞,该漏洞源于受影响产品中使用的 Windows 安装程序代理包含对特权 API 的错误使用,这些 API 会触发 Windows 控制台主机 (conhost.exe) 作为具有系统权限的子进程。
CVSS Information
N/A
Vulnerability Type
N/A