CVSS4
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/SC:N/VI:L/SI:L/VA:L/SA:L/AU:Y/R:U
AI Score
Confidence
Low
EPSS
Percentile
5.1%
SSVC
Exploitation
poc
Automatable
no
Technical Impact
partial
Improper Control of Generation of Code (‘Code Injection’) in Electron Fuses in Logitech Options Plus version 1.60.496306 on macOS allows attackers to execute arbitrary code via insecure Electron Fuses configuration.
[
{
"cpes": [
"cpe:2.3:a:logitech:options_plus:*:*:*:*:*:*:*:*"
],
"vendor": "logitech",
"product": "options_plus",
"versions": [
{
"status": "affected",
"version": "1.60.496306",
"lessThan": "1.70",
"versionType": "semver"
}
],
"defaultStatus": "unaffected"
}
]
CVSS4
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/SC:N/VI:L/SI:L/VA:L/SA:L/AU:Y/R:U
AI Score
Confidence
Low
EPSS
Percentile
5.1%
SSVC
Exploitation
poc
Automatable
no
Technical Impact
partial