logiops through 0.3.4, in its default configuration, allows any unprivileged user to configure its logid daemon via an unrestricted D-Bus service, including setting malicious keyboard macros. This allows for privilege escalation with minimal user interaction.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

Wed, 16 Jul 2025 13:45:00 +0000

Type Values Removed Values Added
Metrics epss

{'score': 0.00012}

epss

{'score': 0.00013}


Wed, 25 Sep 2024 17:15:00 +0000

Type Values Removed Values Added
Weaknesses NVD-CWE-noinfo

Fri, 20 Sep 2024 14:30:00 +0000

Type Values Removed Values Added
First Time appeared Pixlone
Pixlone logiops
CPEs cpe:2.3:a:logiops:logiops:*:*:*:*:*:*:*:* cpe:2.3:a:pixlone:logiops:*:*:*:*:*:*:*:*
Vendors & Products Logiops
Logiops logiops
Pixlone
Pixlone logiops

Thu, 19 Sep 2024 16:30:00 +0000

Type Values Removed Values Added
First Time appeared Logiops
Logiops logiops
Weaknesses CWE-269
CPEs cpe:2.3:a:logiops:logiops:*:*:*:*:*:*:*:*
Vendors & Products Logiops
Logiops logiops
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Thu, 19 Sep 2024 15:30:00 +0000

Type Values Removed Values Added
Description logiops through 0.3.4, in its default configuration, allows any unprivileged user to configure its logid daemon via an unrestricted D-Bus service, including setting malicious keyboard macros. This allows for privilege escalation with minimal user interaction.
References
Metrics cvssV3_1

{'score': 8.5, 'vector': 'CVSS:3.1/AC:L/AV:L/A:L/C:H/I:H/PR:N/S:C/UI:R'}


cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2024-09-20T13:14:08.991Z

Reserved: 2024-09-06T00:00:00

Link: CVE-2024-45752

cve-icon Vulnrichment

Updated: 2024-09-19T16:08:27.395Z

cve-icon NVD

Status : Analyzed

Published: 2024-09-19T16:15:04.910

Modified: 2024-09-25T16:54:27.520

Link: CVE-2024-45752

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.