Logitech Options is an app that controls all of Logitech ’ s mice and keyboards . It offers several different configurations like Changing function key shortcuts , Customizing mouse buttons , Adjusting point and scroll behavior and etc . This app contained Vulnerability-related.DiscoverVulnerability a huge security flaw that was discovered Vulnerability-related.DiscoverVulnerability by Tavis Ormandy who is a Google security researcher . It was found Vulnerability-related.DiscoverVulnerability that Logitech Options was opening a WebSocket server on each individual computer Logitech Options was run on . This WebSocket server would open on port 10134 on which any website could connect and send several various commands which would be JSON-encoded . PID Exploit Through this any attacker can get in and run commands just by setting up a web page . The attacker only needs the Process Identifier ( PID ) . However the PID can be guessed as the software has no limit on the amount of try ’ s conducted . Once the attacker has obtained the PID and is in , consequently he can then completely control the Computer and run it remotely . This can also be used for keystroke injection or Rubber Ducky attacks which have been used to take over PC ’ s in the past . After Ormandy got a hold of Logitech ’ s engineers , he reported Vulnerability-related.DiscoverVulnerability the vulnerability privately to them in a meeting between the Logitech ’ s engineering team and Ormandy on the 18th of September . After waiting a total of 90 days , Ormandy saw the company ’ s failure in addressing Vulnerability-related.PatchVulnerability the issue publicly or through a patch for the app , Thus Ormandy himself posted his finding Vulnerability-related.DiscoverVulnerability on the 11th of December making the issue public . As the story gained attention Accordingly Logitech responded with an update for Logitech Options . Logitech released Vulnerability-related.PatchVulnerability Options version 7.00.564 on the 13th of December . They claim to have fixed Vulnerability-related.PatchVulnerability the origin and type checking bugs along with a patch for the security vulnerability . However they have not mentioned Vulnerability-related.PatchVulnerability the Security Vulnerability patch on their own website . They told German magazine heise.de that the new version does indeed fix Vulnerability-related.PatchVulnerability the vulnerability Travis Ormandy and his team are currently checking the new version of Logitech Options for any signs of Security Vulnerabilities . Everyone with the old version of Logitech Options are advised to upgrade Vulnerability-related.PatchVulnerability to the new 7.00.564 .