Vulnerabilities > CVE-2024-8011 - Incorrect Authorization vulnerability in Logitech Options+

CVSS 5.5 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

NONE

Integrity impact

HIGH

Availability impact

NONE

local

low complexity

logitech

CWE-863

NVD

Published: 2024-08-25

Updated: 2024-09-11

Summary

Logitech Options+ on MacOS prior 1.72 allows a local attacker to inject dynamic library within Options+ runtime and abuse permissions granted by the user to Options+ such as Camera.

Vulnerable Configurations

Part	Description	Count
Application	Logitech Logitech Options+ *	1

Common Weakness Enumeration (CWE)

CWE-863 - Incorrect Authorization

References

https://www.hackerone.com