CVE-2024-8011

Summary

Logitech Options+ on MacOS prior 1.72 allows a local attacker to inject dynamic library within Options+ runtime and abuse permissions granted by the user to Options+ such as Camera.

Affected Software

VendorProductVersion RangeStatus
LogitechOptions+1.72.564177unaffected
LogitechOptions+0 <= 1.70.551909affected

Weaknesses

  • CWE-863: CWE-863 Incorrect Authorization

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References