Privilege Escalation Vulnerability in Razer Synapse Software
CVE-2017-11653

7.8HIGH

Key Information:

Vendor: Razer
Status: Synapse
Vendor: CVE Published:; 18 August 2017

What is CVE-2017-11653?

Razer Synapse, specifically version 2.20.15.1104 and earlier, has a privilege escalation flaw due to inadequate directory permissions for its Devices directory. This weak security allows local users to exploit this vulnerability by placing a malicious DLL file (either RazerConfigNative.dll or RazerConfigNativeLOC.dll) in the directory, potentially gaining unauthorized privileges and compromising the system integrity. Users of affected versions should consider updating to secure their systems from possible exploitation.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://packetstormsecurity.com/files/143516/Razer-Synapse...

x_refsource_MISC

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Aug 18, 2017
Vulnerability Reserved
Jul 26, 2017

JSON

Razer

What is CVE-2017-11653?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.