CVE-2024-45752

HIGH

logiops <= 0.3.4 - Privilege Escalation via Unrestricted D-Bus Service

Title source: llm
STIX 2.1

Description

logiops through 0.3.4, in its default configuration, allows any unprivileged user to configure its logid daemon via an unrestricted D-Bus service, including setting malicious keyboard macros. This allows for privilege escalation with minimal user interaction.

References (2)

Core 2

Scores

CVSS v3 8.5
EPSS 0.0027
EPSS Percentile 17.6%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:L

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

CWE
CWE-269
Status published
Products (1)
pixlone/logiops < 0.3.4
Published Sep 19, 2024
Tracked Since Feb 18, 2026