CVE-2024-45752 HIGH

CVE-2024-45752

Vendor N/A
Product n/a
Published September 19, 2024
Last update September 20, 2024

CVSS base score

8.5/10
Attack vector Local
Attack complexity Low
Privileges required None
User interaction Required
Confidentiality High
Integrity High

CVSS vector

CVSS:3.1/AC:L/AV:L/A:L/C:H/I:H/PR:N/S:C/UI:R

What the vulnerability does

01Description

logiops through 0.3.4, in its default configuration, allows any unprivileged user to configure its logid daemon via an unrestricted D-Bus service, including setting malicious keyboard macros. This allows for privilege escalation with minimal user interaction.

Key dates

02Disclosure timeline

September 19, 2024 CVE published
September 20, 2024 Record updated