Improper Control of Generation of Code ('Code Injection') in Electron Fuses in Logitech Options Plus version 1.60.496306 on macOS allows attackers to execute arbitrary code via insecure Electron Fuses configuration.
References
| Link | Resource |
|---|---|
| https://github.com/r3ggi/electroniz3r | Exploit Third Party Advisory |
| https://nvd.nist.gov/vuln/detail/CVE-2023-49314 | Not Applicable |
| https://nvd.nist.gov/vuln/detail/CVE-2023-50643 | Not Applicable |
| https://www.electronjs.org/docs/latest/tutorial/fuses | Product |
Configurations
Configuration 1 (hide)
| AND |
|
History
27 Sep 2024, 18:56
| Type | Values Removed | Values Added |
|---|---|---|
| References | () https://github.com/r3ggi/electroniz3r - Exploit, Third Party Advisory | |
| References | () https://nvd.nist.gov/vuln/detail/CVE-2023-49314 - Not Applicable | |
| References | () https://nvd.nist.gov/vuln/detail/CVE-2023-50643 - Not Applicable | |
| References | () https://www.electronjs.org/docs/latest/tutorial/fuses - Product | |
| First Time |
Apple
Apple macos Logitech Logitech logi Options\+ |
|
| CPE | cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:* cpe:2.3:a:logitech:logi_options\+:*:*:*:*:*:*:*:* |
|
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.8 |
10 Sep 2024, 12:09
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2024-09-10 09:15
Updated : 2024-09-27 18:56
NVD link : CVE-2024-8258
Mitre link : CVE-2024-8258
CVE.ORG link : CVE-2024-8258
JSON object : View
Products Affected
logitech
- logi_options\+
apple
- macos
CWE
CWE-94
Improper Control of Generation of Code ('Code Injection')