← volver
CVE-2022-0915

Logitech Sync desktop application prior to 2.4.574 - TOCTOU during installation leads to privelege escalation

CVSS 6 MEDIUMEPSS 0.2%CWE-367
There is a Time-of-check Time-of-use (TOCTOU) Race Condition Vulnerability in Logitech Sync for Windows prior to 2.4.574. Successful exploitation of these vulnerabilities may escalate the permission to the system user.
CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N
Productos afectados
Logitech · Sync

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://prosupport.logi.com/hc/en-us/articles/360040085114-Download-Logitech-Sync