← back
CVE-2022-0916

Broken authentication on Logitech Options due to misvalidation of Oauth state parameter

CVSS 8.4 HIGHEPSS 0.4%CWE-287
An issue was discovered in Logitech Options. The OAuth 2.0 state parameter was not properly validated. This leaves applications vulnerable to CSRF attacks during authentication and authorization operations.
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H
Affected products
Logitech · Options

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://support.logi.com/hc/en-us/articles/360025297893