23 August 21, 18:27
Quote:A zero-day bug in the device installer software for Razer peripherals – be they a Razer mouse, keyboard or any device that uses the Synapse utility – gives the plugger-inner full admin rights on Windows 10, just by inserting a compatible peripheral and downloading Synapse.
There’s apparently nothing keeping the vulnerability from allowing the same privilege escalation on Windows 11, although, if that operating system has in fact been tested, its vulnerability hasn’t yet been reported.
Razer manufactures popular, high-end hardware for gamers, including mouses, keyboards and gaming chairs. Its Razer Synapse software enables users to configure hardware devices, set up macros or map buttons.
The bug was reported by security researcher jonhat (@j0nh4t), who tweeted about it on Saturday after initially not hearing back from Razer. As of Sunday, the tweet had caught Razer’s attention, and the manufacturer told jonhat that its security team was working on getting out a fix ASAP. It also awarded jonhat a bug bounty, in spite of the fact that the bug was disclosed.
As the researcher tells it and has BleepingComputer confirmed in its own tests, the problem is that when a user plugs in a Razer device (or dongle, if it’s a wireless peripheral), Windows automatically fetches an installer containing driver software and the Synapse utility. The plug-and-play Razer Synapse installation then allows users to gain SYSTEM privileges on the Windows device lickety-split, since, as part of the setup routine, it opens an Explorer window that prompts the user to specify where the driver should be installed.
Read more: Windows 10 Admin Rights Gobbled by Razer Devices