Vulnerabilities > Logitech > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-08-25 CVE-2024-8011 Incorrect Authorization vulnerability in Logitech Options+
Logitech Options+ on MacOS prior 1.72 allows a local attacker to inject dynamic library within Options+ runtime and abuse permissions granted by the user to Options+ such as Camera.
local
low complexity
logitech CWE-863
5.5
2022-05-03 CVE-2022-0916 Cross-Site Request Forgery (CSRF) vulnerability in Logitech Options
An issue was discovered in Logitech Options.
network
logitech CWE-352
6.8
2022-04-12 CVE-2022-0915 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Logitech Sync
There is a Time-of-check Time-of-use (TOCTOU) Race Condition Vulnerability in Logitech Sync for Windows prior to 2.4.574.
6.9
2021-08-11 CVE-2021-38547 Unspecified vulnerability in Logitech S120 Firmware and Z120 Firmware
Logitech Z120 and S120 speakers through 2021-08-09 allow remote attackers to recover speech signals from an LED on the device, via a telescope and an electro-optical sensor, aka a "Glowworm" attack.
network
logitech
4.3
2021-02-12 CVE-2021-20642 Unspecified vulnerability in Logitech Lan-W300N/Rs Firmware
Improper check or handling of exceptional conditions in LOGITEC LAN-W300N/RS allows a remote attacker to cause a denial-of-service (DoS) condition by sending a specially crafted URL.
network
logitech
4.3
2021-02-12 CVE-2021-20641 Cross-Site Request Forgery (CSRF) vulnerability in Logitech Lan-W300N/Rs Firmware
Cross-site request forgery (CSRF) vulnerability in LOGITEC LAN-W300N/RS allows remote attackers to hijack the authentication of administrators via a specially crafted URL.
network
logitech CWE-352
4.3
2021-02-12 CVE-2021-20640 Classic Buffer Overflow vulnerability in Logitech Lan-W300N/Pgrb Firmware
Buffer overflow vulnerability in LOGITEC LAN-W300N/PGRB allows an attacker with administrative privilege to execute an arbitrary OS command via unspecified vectors.
low complexity
logitech CWE-120
6.8
2021-02-12 CVE-2021-20637 Unspecified vulnerability in Logitech Lan-W300N/Pr5B Firmware
Improper check or handling of exceptional conditions in LOGITEC LAN-W300N/PR5B allows a remote attacker to cause a denial-of-service (DoS) condition by sending a specially crafted URL.
network
logitech
4.3
2021-02-12 CVE-2021-20636 Cross-Site Request Forgery (CSRF) vulnerability in Logitech Lan-W300N/Pr5B Firmware
Cross-site request forgery (CSRF) vulnerability in LOGITEC LAN-W300N/PR5B allows remote attackers to hijack the authentication of administrators via a specially crafted URL.
network
logitech CWE-352
4.3
2018-07-26 CVE-2018-0621 Untrusted Search Path vulnerability in Logitech Connection Utility Software
Untrusted search path vulnerability in LOGICOOL CONNECTION UTILITY SOFTWARE versions before 2.30.9 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
network
logitech CWE-426
6.8