Logitech Options Vulnerability

This content has been archived

This article no longer conforms to NHS Digital's standards for cyber alerts, and may contain outdated or inaccurate information. Use of the information contained in this page is at your own risk.

Summary

Security researchers have identified a vulnerability in Logitech Options that allows a remote attacker to run arbitrary keystrokes on an affected system.


Threat details

Logitech Options configures itself to run automatically when the system starts up. The program opens a WebSocket server on port 10134, which neither performs any significant authentication nor checks the origin of received messages.

Any website can be configured to establish a WebSocket connection to this server and then send commands and options to the system.
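The two checks the server lacks can be made during the WebSocket upgrade handshake. The following is an added example, not Logitech's code or part of the original alert: it validates the `Origin` header against an allow-list and requires a per-install secret before accepting the upgrade. The origin `app://local-ui`, the token value, and carrying the token in `Sec-WebSocket-Protocol` are assumptions made for illustration.

```python
import base64
import hashlib
import hmac

WS_GUID = "258EAFA5-E914-47DA-95CA-C5AB0DC85B11"  # constant fixed by RFC 6455
ALLOWED_ORIGINS = {"app://local-ui"}              # hypothetical: the only trusted UI origin
PAIRING_TOKEN = "constructed-per-install-secret"  # hypothetical per-install secret

def parse_headers(raw: bytes) -> dict:
    """Return the upgrade request's headers, keyed by lower-case name."""
    head = raw.split(b"\r\n\r\n", 1)[0].decode("latin-1")
    headers = {}
    for line in head.split("\r\n")[1:]:  # skip the request line
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip().lower()] = value.strip()
    return headers

def check_handshake(raw: bytes) -> tuple[int, str]:
    """Return (101, accept_key) for a trusted client, else (400 or 403, reason)."""
    h = parse_headers(raw)
    key = h.get("sec-websocket-key")
    if h.get("upgrade", "").lower() != "websocket" or not key:
        return 400, "not a WebSocket upgrade"
    # Browsers set Origin on every WebSocket handshake; page script cannot override it.
    if h.get("origin") not in ALLOWED_ORIGINS:
        return 403, "origin not allowed"
    # Origin does not authenticate non-browser clients, so a shared secret is also required.
    token = h.get("sec-websocket-protocol", "")
    if not hmac.compare_digest(token.encode(), PAIRING_TOKEN.encode()):
        return 403, "bad token"
    digest = hashlib.sha1((key + WS_GUID).encode()).digest()
    return 101, base64.b64encode(digest).decode()

def sample_request(origin: str, token: str) -> bytes:
    """Constructed upgrade request for the demo (not captured traffic)."""
    return (
        "GET / HTTP/1.1\r\nHost: 127.0.0.1:10134\r\nUpgrade: websocket\r\n"
        "Connection: Upgrade\r\nSec-WebSocket-Key: dGhlIHNhbXBsZSBub25jZQ==\r\n"
        f"Sec-WebSocket-Version: 13\r\nOrigin: {origin}\r\n"
        f"Sec-WebSocket-Protocol: {token}\r\n\r\n"
    ).encode()

if __name__ == "__main__":
    for origin, token in [("app://local-ui", PAIRING_TOKEN),
                          ("https://untrusted.example", PAIRING_TOKEN),
                          ("app://local-ui", "guess")]:
        print(origin, check_handshake(sample_request(origin, token)))
```

A server that returns 403 before completing the upgrade never reaches the point of parsing commands from an untrusted page.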

Remediation

At the time of publication, Logitech has not yet released an update that addresses this vulnerability.

Users and administrators are encouraged to uninstall Logitech Options if it is not required, or to close port 10134.



Last edited: 17 February 2020 1:00 pm