Improper Control of Generation of Code ('Code Injection') in Electron Fuses in Logitech Options Plus version 1.60.496306 on macOS allows attackers to execute arbitrary code via insecure Electron Fuses configuration.
References
| Link | Resource |
|---|---|
| https://www.electronjs.org/docs/latest/tutorial/fuses | Product |
| https://nvd.nist.gov/vuln/detail/CVE-2023-50643 | Not Applicable |
| https://nvd.nist.gov/vuln/detail/CVE-2023-49314 | Not Applicable |
| https://github.com/r3ggi/electroniz3r | Exploit Third Party Advisory |
Configurations
Configuration 1 (hide)
| AND |
|
History
27 Sep 2024, 18:56
| Type | Values Removed | Values Added |
|---|---|---|
| References | () https://www.electronjs.org/docs/latest/tutorial/fuses - Product | |
| References | () https://nvd.nist.gov/vuln/detail/CVE-2023-50643 - Not Applicable | |
| References | () https://nvd.nist.gov/vuln/detail/CVE-2023-49314 - Not Applicable | |
| References | () https://github.com/r3ggi/electroniz3r - Exploit, Third Party Advisory | |
| First Time |
Logitech logi Options\+
Logitech Apple Apple macos |
|
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.8 |
| CPE | cpe:2.3:a:logitech:logi_options\+:*:*:*:*:*:*:*:* cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:* |
|
| CWE | CWE-94 |
10 Sep 2024, 09:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2024-09-10 09:15
Updated : 2024-09-27 18:56
NVD link : CVE-2024-8258
Mitre link : CVE-2024-8258
JSON object : View
Products Affected
logitech
- logi_options\+
apple
- macos
CWE
CWE-94
Improper Control of Generation of Code ('Code Injection')