Known Vulnerabilities for products from Logitech
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Logitech".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Additional devices specifications by Logitech can be found at device.report : Logitech
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2022-36263 | StreamLabs Desktop Application 1.9.0 is vulnerable to Incorrect Access Control via obs64.exe. An attacker can execute arbitra... | 7.3 - HIGH | 2022-08-19 | 2023-08-08 |
| CVE-2022-0916 | An issue was discovered in Logitech Options. The OAuth 2.0 state parameter was not properly validated. This leaves applicatio... | 8.8 - HIGH | 2022-05-03 | 2022-05-10 |
| CVE-2022-0915 | There is a Time-of-check Time-of-use (TOCTOU) Race Condition Vulnerability in Logitech Sync for Windows prior to 2.4.574. Suc... | 7 - HIGH | 2022-04-12 | 2022-04-21 |
| CVE-2021-38547 | Logitech Z120 and S120 speakers through 2021-08-09 allow remote attackers to recover speech signals from an LED on the device... | 5.9 - MEDIUM | 2021-08-11 | 2021-08-23 |
| CVE-2021-20642 | Improper check or handling of exceptional conditions in LOGITEC LAN-W300N/RS allows a remote attacker to cause a denial-of-se... | 6.5 - MEDIUM | 2021-02-12 | 2022-05-03 |
| CVE-2021-20641 | Cross-site request forgery (CSRF) vulnerability in LOGITEC LAN-W300N/RS allows remote attackers to hijack the authentication ... | 6.5 - MEDIUM | 2021-02-12 | 2022-02-10 |
| CVE-2021-20640 | Buffer overflow vulnerability in LOGITEC LAN-W300N/PGRB allows an attacker with administrative privilege to execute an arbitr... | 6.8 - MEDIUM | 2021-02-12 | 2023-11-07 |
| CVE-2021-20639 | LOGITEC LAN-W300N/PGRB allows an attacker with administrative privilege to execute arbitrary OS commands via unspecified vect... | 6.8 - MEDIUM | 2021-02-12 | 2022-02-10 |
| CVE-2021-20638 | LOGITEC LAN-W300N/PGRB allows an attacker with administrative privilege to execute arbitrary OS commands via unspecified vect... | 6.8 - MEDIUM | 2021-02-12 | 2022-02-10 |
| CVE-2021-20637 | Improper check or handling of exceptional conditions in LOGITEC LAN-W300N/PR5B allows a remote attacker to cause a denial-of-... | 6.5 - MEDIUM | 2021-02-12 | 2022-05-03 |
| CVE-2021-20636 | Cross-site request forgery (CSRF) vulnerability in LOGITEC LAN-W300N/PR5B allows remote attackers to hijack the authenticatio... | 6.5 - MEDIUM | 2021-02-12 | 2022-02-10 |
| CVE-2021-20635 | Improper restriction of excessive authentication attempts in LOGITEC LAN-WH450N/GR allows an attacker in the wireless range o... | 6.5 - MEDIUM | 2021-02-12 | 2022-02-10 |
| CVE-2019-13055 | Certain Logitech Unifying devices allow attackers to dump AES keys and addresses, leading to the capability of live decryptio... | 6.5 - MEDIUM | 2019-06-29 | 2019-07-08 |
| CVE-2019-13054 | The Logitech R500 presentation clicker allows attackers to determine the AES key, leading to keystroke injection. On Windows,... | 6.5 - MEDIUM | 2019-06-29 | 2020-08-24 |
| CVE-2019-13053 | Logitech Unifying devices allow keystroke injection, bypassing encryption. The attacker must press a "magic" key combination ... | 6.5 - MEDIUM | 2019-06-29 | 2020-08-24 |
| CVE-2019-13052 | Logitech Unifying devices allow live decryption if the pairing of a keyboard to a receiver is sniffed. | 6.5 - MEDIUM | 2019-06-29 | 2020-08-24 |
| CVE-2019-12506 | Due to unencrypted and unauthenticated data communication, the wireless presenter Logitech R700 Laser Presentation Remote R-R... | 8.8 - HIGH | 2019-06-07 | 2020-08-24 |
| CVE-2018-15723 | The Logitech Harmony Hub before version 4.15.206 is vulnerable to application level command injection via crafted HTTP reques... | 9.8 - CRITICAL | 2018-12-20 | 2019-10-09 |
| CVE-2018-15722 | The Logitech Harmony Hub before version 4.15.206 is vulnerable to OS command injection via the time update request. A remote ... | 8.1 - HIGH | 2018-12-20 | 2019-10-09 |
| CVE-2018-15721 | The XMPP server in Logitech Harmony Hub before version 4.15.206 is vulnerable to authentication bypass via a crafted XMPP req... | 9.8 - CRITICAL | 2018-12-20 | 2019-10-09 |
Known software with vulnerabilities from Logitech
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Logitech | Audio Echo Cancellation Component | 10.0.1439 |
| Application | Logitech | Backweb | 1.0 |
| Application | Logitech | Camerahelpermsi | 13.0.1774.0 |
| Application | Logitech | Cddrv Installer | 4.60 |
| Application | Logitech | Connection Utility Software | 2.00.3 |
| Hardware | Logitech | Cordless Freedom | - |
| Hardware | Logitech | Cordless Freedom Itouch Keyboard | - |
| Hardware | Logitech | Cordless Freedom Navigator | - |
| Hardware | Logitech | Cordless Freedom Pro | - |
| Hardware | Logitech | Cordless Itouch Keyboard | - |
| Application | Logitech | Desktop Messenger | 2.30.4 |
| Application | Logitech | Ereg | 1.20.138.34 |
| Application | Logitech | Erlt | 1.20.137 |
| Application | Logitech | Game Software | 5.10.127 |
| Application | Logitech | High Quality Video | 12.0.1280 |
| Application | Logitech | Imagestudio | 7.30.0 |
| Application | Logitech | Im Video Companion | 1.3.0.2041 |
| Hardware | Logitech | Itouch Keyboard | - |
| Application | Logitech | Khalinstallwrapper | 2.0.0 |
| Application | Logitech | Lws Facebook | 13.0.1777.0 |