PT-2024-38751 · Logitech · Logitech Options
Ferdogan
·
Published
2024-08-25
·
Updated
2024-09-11
·
CVE-2024-8011
CVSS v3.1
5.5
Medium
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N |
Name of the Vulnerable Software and Affected Versions:
Logitech Options+ versions prior to 1.72
Description:
The issue allows a local attacker to inject a dynamic library within the Logitech Options+ runtime and abuse permissions granted by the user, such as access to the Camera. This can lead to compromised system security.
Recommendations:
For Logitech Options+ versions prior to 1.72, upgrade to version 1.72 to mitigate the risks. As a temporary workaround, consider restricting access to sensitive features such as the Camera until the upgrade is applied.
Fix
Incorrect Authorization
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Logitech Options