PT-2022-13523 · Logitech · Logitech Sync

Karan Bamal

Published

2022-04-12

Updated

2022-04-21

CVE-2022-0915

CVSS v3.1

7.0

High

Vector

AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Logitech Sync for Windows versions prior to 2.4.574

Description The issue is related to a Time-of-check Time-of-use (TOCTOU) Race Condition, which may allow escalation of permission to the system user if successfully exploited.

Recommendations For versions prior to 2.4.574, update to version 2.4.574 or later to resolve the issue.

Fix

Time Of Check To Time Of Use

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-367

Related Identifiers

CVE-2022-0915

Affected Products

Logitech Sync

PT-2022-13523 · Logitech · Logitech Sync

CVE-2022-0915

Weakness Enumeration

Related Identifiers

Affected Products

References · 4