CVE-2024-8258: Insecure Electron Fuses in Logitech Options Plus Allowing Arbitrary Code Execution on macOS
First published: Tue Sep 10 2024(Updated: )
Improper Control of Generation of Code ('Code Injection') in Electron Fuses in Logitech Options Plus version 1.60.496306 on macOS allows attackers to execute arbitrary code via insecure Electron Fuses configuration.
Credit: cve-coordination@logitech.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| All of | ||
| Logitech Logi Options\+ | >=1.60.496306<1.70.551909 | |
| Apple macOS |
Remedy
Update to Logitech Options Plus version 1.70 or later.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- agent/remedy
- agent/weakness
- agent/title
- agent/references
- agent/type
- agent/description
- agent/first-publish-date
- agent/author
- agent/event
- collector/mitre-cve
- source/MITRE
- collector/epss-latest
- source/FIRST
- agent/epss
- agent/severity
- agent/last-modified-date
- agent/softwarecombine
- agent/tags
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/logitech
- canonical/logitech logi options\+
- version/logitech logi options\+/1.60.496306
- vendor/apple
- canonical/apple macos