Cyber security researcher Marcus Mengs, has detected four new vulnerabilities that affects some Logitech Wireless devices that use the USB interfaces Unifiying, or variants of this technology, as some Lightspeed devices, technologies developed by the company.
An attacker could intercept communications between devices, control the devices, do keylogger functions or even perform actions on the system with user privileges.
To perform these actions, the malicious user needs physical access to the device. While an update is being developed to mitigate some of these vulnerabilities, Logitech recommends that affected devices not be left unattended.
A patch that fixes two of the four vulnerabilities is expected to be released in August, while the other two will not have an update. According to official Logitech statements, these vulnerabilities are difficult to exploit, and a potential patch would negatively impact device performance.