Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
logitech vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2016-10761
Logitech Unifying devices prior to 2016-02-26 allow keystroke injection, bypassing encryption, aka MouseJack.
Logitech K400r Firmware -
Logitech K360 Firmware -
Logitech K750 Firmware -
Logitech K830 Firmware -
Logitech Unifying Receiver Firmware 012.001.00019
Logitech Unifying Receiver Firmware 012.003.00025
6.1
CVSSv3
CVE-2017-15687
DOM Based Cross Site Scripting (XSS) exists in Logitech Media Server 7.7.1, 7.7.2, 7.7.3, 7.7.5, 7.7.6, 7.9.0, and 7.9.1 via a crafted URI.
Logitech Media Server 7.7.6
Logitech Media Server 7.9.0
Logitech Media Server 7.9.1
Logitech Media Server 7.7.2
Logitech Media Server 7.7.5
Logitech Media Server 7.7.1
Logitech Media Server 7.7.3
1 EDB exploit
NA
CVE-2001-0737
A long 'synch' delay in Logitech wireless mice and keyboard receivers allows a remote malicious user to hijack connections via a man-in-the-middle attack.
Logitech Cordless Freedom
Logitech Cordless Itouch Keyboard
Logitech Cordless Freedom Navigator
Logitech Cordless Freedom Pro
6.5
CVSSv3
CVE-2019-13055
Certain Logitech Unifying devices allow malicious users to dump AES keys and addresses, leading to the capability of live decryption of Radio Frequency transmissions, as demonstrated by an attack against a Logitech K360 keyboard.
Logitech Unifying Receiver Firmware -
Logitech K360 Firmware -
8 Github repositories
5.9
CVSSv3
CVE-2021-38547
Logitech Z120 and S120 speakers through 2021-08-09 allow remote malicious users to recover speech signals from an LED on the device, via a telescope and an electro-optical sensor, aka a "Glowworm" attack. The power indicator LED of the speakers is connected directly to ...
Logitech Z120 Firmware
Logitech S120 Firmware
NA
CVE-2002-1722
Logitech iTouch keyboards allows attackers with physical access to the system to bypass the screen locking function and execute user-defined commands that have been assigned to a button.
Logitech Cordless Freedom Itouch Keyboard
Logitech Cordless Itouch Keyboard
Logitech Itouch Keyboard
8.8
CVSSv3
CVE-2019-12506
Due to unencrypted and unauthenticated data communication, the wireless presenter Logitech R700 Laser Presentation Remote R-R0010 is prone to keystroke injection attacks. Thus, an attacker is able to send arbitrary keystrokes to a victim's computer system, e.g., to install m...
Logitech R700 Laser Presentation Remote Firmware Wd802xm
Logitech R700 Laser Presentation Remote Firmware Wd904xm
6.5
CVSSv3
CVE-2019-13052
Logitech Unifying devices allow live decryption if the pairing of a keyboard to a receiver is sniffed.
Logitech Unifying Receiver Firmware -
8 Github repositories
6.5
CVSSv3
CVE-2019-13054
The Logitech R500 presentation clicker allows malicious users to determine the AES key, leading to keystroke injection. On Windows, any text may be injected by using ALT+NUMPAD input to bypass the restriction on the characters A through Z.
Logitech R500 Firmware -
9 Github repositories
9.8
CVSSv3
CVE-2018-15721
The XMPP server in Logitech Harmony Hub before version 4.15.206 is vulnerable to authentication bypass via a crafted XMPP request. Remote attackers can use this vulnerability to gain access to the local API.
Logitech Harmony Hub Firmware
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »