The specialist was also offered a bug bounty reward. As a result, a potential attacker is able to open the console with SYSTEM privileges.Īfter the publication of jonhat attracted the attention of the cybersecurity community, representatives of Razer contacted the researcher and said that they would prepare a patch in the near future. Since PowerShell is started by a process with SYSTEM privileges, the PowerShell application itself will inherit these privileges as well. If you press Shift and right-click on a dialog box, among other things, the user will be prompted to open a PowerShell window. On Twitter, jonhat shows that when the user wants to change the installation folder, the Select Folder dialog box appears. The installation wizard allows user to specify the folder where he want to install the software, and at this stage everything goes wrong. Since the RazerInstaller.exe executable is run by a process with SYSTEM privileges, the Razer installer also gets SYSTEM privileges. The fact is that when you connect the gadget to Windows 10 or Windows 11, the OS will automatically download and start installing the driver and Razer Synapse software, which allows user to customize Razer gadgets. Need local admin and have physical access? – Plug a Razer mouse (or the dongle) – Windows Update will download and execute RazerInstaller as SYSTEM – Abuse elevated Explorer to open Powershell with Shift+Right click 1X If Razer Synapse fails to detect your Razer device, it could be due to either of the following: Software or hardware issue Outdated Riot Vanguard (version 1.7.0.27) blocking of Razer drivers The device is not Razer Synapse-supported You can view the video below for instructions or review a copy of the video transcript. It is worth noting that the exploitation of the vulnerability requires physical access to the target machine, that is, the problem is of the type of local privilege escalation. On Twitter, the expert writes that he tried to contact the manufacturer, but did not receive an answer and therefore decided to talk about the problem publicly. A security researcher known as jonhat discovered a 0-day vulnerability in Razer Synapse, thanks to which user can gain Windows administrator rights by simply connecting a Razer mouse or keyboard to your computer.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |