OTPulse

Siemens Unicam FX

Monitor · 7.8 · ICS-CERT ICSA-24-046-06 · Feb 13, 2024
Attack Vector: Local
Auth Required: Low
Complexity: Low
User Interaction: None needed
Summary

Unicam FX contains a local privilege escalation vulnerability that allows an attacker with low-level user access to gain SYSTEM privileges. The product has reached end of software maintenance and no patch will be released.

What this means
What could happen
An attacker with local user access to the Unicam FX workstation could escalate privileges to SYSTEM level, giving them full control over the device and any industrial processes or data it manages.
Who's at risk
Organizations using Siemens Unicam FX software on engineering or configuration workstations in industrial automation environments—particularly utilities, manufacturing, and critical infrastructure operators who rely on this platform for device programming and monitoring.
How it could be exploited
An attacker with a user account on the Unicam FX system could run a malicious command or script that exploits the privilege escalation vulnerability to gain SYSTEM-level access. From there, they could modify process configurations, disable safety features, or access sensitive industrial data.
Prerequisites
  • User account access on the Unicam FX workstation
  • Local access to the device (no remote exploitation capability)
End-of-life product with no patch available · Privilege escalation to SYSTEM level · Low attack complexity · Requires user-level credentials
Exploitability
Low exploit probability (EPSS 0.1%)
Affected products (1)
Product | Affected Versions | Fix Status
Unicam FX | All versions | No fix (EOL)
Remediation & Mitigation
Do now
WORKAROUND: Restrict local access to Unicam FX workstations to trusted personnel only; implement strong access controls and workstation hardening
HARDENING: Configure network access protections and isolate Unicam FX systems from untrusted networks
Schedule — requires maintenance window

Patching may require device reboot — plan for process interruption

HOTFIX: Upgrade to a supported successor product to Unicam FX (consult Siemens for migration guidance)
Mitigations - no patch available
Unicam FX has reached End of Life. The vendor will not release a patch. Apply the following compensating controls:
HARDENING: Follow Siemens operational guidelines for Industrial Security to protect the device environment