CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVSS4
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/SC:N/VI:L/SI:L/VA:L/SA:L/AU:Y/R:U
AI Score
Confidence
High
EPSS
Percentile
5.1%
Improper Control of Generation of Code (‘Code Injection’) in Electron Fuses in Logitech Options Plus version 1.60.496306 on macOS allows attackers to execute arbitrary code via insecure Electron Fuses configuration.
Vendor | Product | Version | CPE |
---|---|---|---|
logitech | logi_options\+ | * | cpe:2.3:a:logitech:logi_options\+:*:*:*:*:*:*:*:* |
apple | macos | - | cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:* |
[
{
"defaultStatus": "unaffected",
"platforms": [
"MacOS"
],
"product": "Logitech Options Plus",
"vendor": "Logitech",
"versions": [
{
"lessThan": "1.70",
"status": "affected",
"version": "1.60.496306",
"versionType": "semver"
},
{
"status": "unaffected",
"version": "1.70"
}
]
}
]
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVSS4
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/SC:N/VI:L/SI:L/VA:L/SA:L/AU:Y/R:U
AI Score
Confidence
High
EPSS
Percentile
5.1%