CVE-2024-27773 – CVE-2024-27773 is a critical vulnerability in U... (How to Fix)

Q: What is the severity of CVE-2024-27773?

CVE-2024-27773 has a CVSS score of 8.8 (HIGH). CVE-2024-27773 is a critical vulnerability in Unitronics Unistream Unilogic software that allows remote code execution by exploiting trust in less secure sources. This affects industrial control systems using Unistream devices with Unilogic versions prior to 1.35.227. Attackers can potentially take full control of affected systems.

📋 TL;DR

CVE-2024-27773 is a critical vulnerability in Unitronics Unistream Unilogic software that allows remote code execution by exploiting trust in less secure sources. This affects industrial control systems using Unistream devices with Unilogic versions prior to 1.35.227. Attackers can potentially take full control of affected systems.

💻 Affected Systems

Products:

Unitronics Unistream Unilogic

Versions: All versions prior to 1.35.227

Operating Systems: Windows-based systems running Unilogic software

Default Config Vulnerable: ⚠️ Yes

Notes: Affects Unistream programmable logic controllers and associated software installations.

📦 What is this software?

Unilogic by Unitronics

View all CVEs affecting Unilogic →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete system compromise allowing attackers to execute arbitrary code, disrupt industrial processes, steal sensitive data, or pivot to other network systems.

🟠

Likely Case

Remote code execution leading to unauthorized access, data exfiltration, or disruption of industrial operations.

🟢

If Mitigated

Limited impact with proper network segmentation and access controls, potentially only affecting isolated systems.

🌐 Internet-Facing: HIGH - Direct internet exposure makes exploitation trivial for attackers.

🏢 Internal Only: HIGH - Even internally, vulnerable systems can be exploited by malicious insiders or through lateral movement.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: LIKELY

Unauthenticated Exploit: ⚠️ Yes

Complexity: LOW

Based on CWE-348 and CVSS 8.8 score, exploitation is likely straightforward for attackers with network access.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 1.35.227 or later

Vendor Advisory: https://www.gov.il/en/departments/dynamiccollectors/cve_advisories_listing?skip=0

Restart Required: Yes

Instructions:

1. Download Unilogic version 1.35.227 or later from Unitronics official website. 2. Backup existing projects. 3. Install the update following vendor instructions. 4. Restart affected systems. 5. Verify successful update.

🔧 Temporary Workarounds

Network Segmentation

all

Isolate Unistream devices and Unilogic software from untrusted networks and internet access.

Access Control Restrictions

all

Implement strict firewall rules to limit access to Unilogic systems only from authorized management stations.

🧯 If You Can't Patch

Implement strict network segmentation to isolate vulnerable systems
Deploy intrusion detection systems to monitor for exploitation attempts

🔍 How to Verify

Check if Vulnerable:

Check Unilogic software version in Help > About menu. If version is below 1.35.227, system is vulnerable.

Check Version:

Check Unilogic GUI: Help > About menu displays version

Verify Fix Applied:

Verify Unilogic version is 1.35.227 or higher in Help > About menu.

📡 Detection & Monitoring

Log Indicators:

Unusual network connections to Unilogic ports
Unexpected process execution on Unistream devices
Authentication failures or unusual access patterns

Network Indicators:

Suspicious traffic to Unilogic management ports
Unexpected outbound connections from Unistream devices
Anomalous protocol usage

SIEM Query:

source="unilogic" OR device_vendor="Unitronics" AND (event_type="connection" OR event_type="process_execution") AND severity>=high

📊 Metadata

CVE ID: CVE-2024-27773

CVSS v3 Score: 8.8 (HIGH)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE: CWE-348

Published: March 18, 2024

Last Updated: March 10, 2025

🔗 References

https://claroty.com/team82/blog/new-critical-vulnerabilities-in-unitronics-unistream-devices-uncovered Third Party Advisory
https://www.gov.il/en/departments/dynamiccollectors/cve_advisories_listing?skip=0 Third Party Advisory
https://claroty.com/team82/blog/new-critical-vulnerabilities-in-unitronics-unistream-devices-uncovered Third Party Advisory
https://www.gov.il/en/departments/dynamiccollectors/cve_advisories_listing?skip=0 Third Party Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2024-27773, you might also want to check these: