← volver
CVE-2024-8258

Insecure Electron Fuses in Logitech Options Plus Allowing Arbitrary Code Execution on macOS

CVSS 2 LOWEPSS 0.4%CWE-94
Improper Control of Generation of Code ('Code Injection') in Electron Fuses in Logitech Options Plus version 1.60.496306 on macOS allows attackers to execute arbitrary code via insecure Electron Fuses configuration.
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:L/SA:L/AU:Y/R:U
Productos afectados
Logitech · Logitech Options Plus

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://github.com/r3ggi/electroniz3rhttps://nvd.nist.gov/vuln/detail/CVE-2023-49314https://nvd.nist.gov/vuln/detail/CVE-2023-50643https://www.electronjs.org/docs/latest/tutorial/fuses