Soap Opera Scene: Vulnerability (CVE-2022-46338) Realized in Life – 1st Dec 2022

Preface: Logitech revenue worldwide 2016-2022, by segment
News update in Aug 15, 2022.
In 2022, the computer peripherals producer Logitech reported sales revenues of 5.48 billion U.S. dollars, of which 1.45 billion U.S. dollars was generated by its gaming segment. A further 967.3 million U.S. dollars in revenue was made from keyboard and keyboard-and-mouse combination (combo) sales.

Background: Linux led controller ( g810-led) for Logitech G213, G410, G413, G512, G513, G610, G810, G815, G910 and GPRO Keyboards. Furthermore it was included compatible keyboard by other vendor.

Versions of packages g810-led depends on:
– libc6 2.31-13+deb11u4
– libg810-led0 0.4.2-2.1
– libgcc-s1 10.2.1-6
– libstdc++6 10.2.1-6

Ref: G810-led is a configuration tool for the LEDs on Logitech Gx10 gaming keyboards: G213, G410, G413, G512, G513, G610, G810, G815, G910, and G Pro.

The LEDs can be configured in a variety of ways, depending on the keyboards’ capabilities.

Vulnerability details: g810-led 0.4.2, a LED configuration tool for Logitech Gx10 keyboards, contained a udev rule to make supported device nodes world-readable and writable, allowing any process on the system to read traffic from keyboards, including sensitive data.

Remark: In fact, G810-led is a configuration tool for the Logitech Gx10 Gaming Keyboard LEDs. Sometimes keyboards with this feature are accidentally misused in key areas. If it is like this. It is recommended not to use similar keyboard models, and wait for the official manufacturer to release a remedy.

Official announcement: Please refer to the link for details –

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.