← back
CVE-2024-8258

Insecure Electron Fuses in Logitech Options Plus Allowing Arbitrary Code Execution on macOS

CVSS 2 LOWEPSS 0.4%CWE-94
Improper Control of Generation of Code ('Code Injection') in Electron Fuses in Logitech Options Plus version 1.60.496306 on macOS allows attackers to execute arbitrary code via insecure Electron Fuses configuration.
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:L/SA:L/AU:Y/R:U
Affected products
Logitech · Logitech Options Plus

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://github.com/r3ggi/electroniz3rhttps://nvd.nist.gov/vuln/detail/CVE-2023-49314https://nvd.nist.gov/vuln/detail/CVE-2023-50643https://www.electronjs.org/docs/latest/tutorial/fuses