CVE-2024-8011 LOW

CVE-2024-8011

Vendor Logitech

Product Options+

Weakness CWE-863 · Incorrect authorization

Published August 25, 2024

Last update August 26, 2024

View on NVD All CVEs

CVSS base score

2.0/10

Attack vector Local

Attack complexity Low

Privileges required Low

User interaction None

Confidentiality —

Integrity —

CVSS vector

CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L

What the vulnerability does

01Description

Logitech Options+ on MacOS prior 1.72 allows a local attacker to inject dynamic library within Options+ runtime and abuse permissions granted by the user to Options+ such as Camera.

Key dates

02Disclosure timeline

August 25, 2024 CVE published

August 26, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2024-8011

Related vulnerabilities

04Related CVE

CVE-2026-13508 khoj-ai khoj Conversation Sharing api_chat.py authorization CVE-2024-25149 CVE-2024-22208 phpMyFAQ sharing FAQ functionality can easily be abused for phishing purposes CVE-2024-55633 Apache Superset: SQLLab Improper readonly query validation allows unauthorized write access CVE-2026-33330 FileRise ONLYOFFICE integration allows read-only users to overwrite files via forged save callback