
Cloud Vulnerability DB
A community-led vulnerabilities database
Razer Synapse through 3.7.1209.121307 allows privilege escalation due to an unsafe installation path and improper privilege management. The vulnerability affects the Razer Synapse Service which runs with elevated privileges. The issue exists because attackers can place DLLs into %PROGRAMDATA%\Razer\Synapse3\Service\bin before the service is installed and deny write access for the SYSTEM user. Although the service checks for malicious DLLs, attackers can exploit a race condition to replace a valid DLL with a malicious one after the check but before loading (SYSS Advisory, NVD).
The vulnerability combines multiple security issues: an unsafe installation path in %PROGRAMDATA%, improper privilege management allowing attackers to set restrictive permissions, and a time-of-check-time-of-use (TOCTOU) race condition in DLL validation. The service checks for malicious DLLs upon startup but loads them after validation, creating a window for exploitation. The CVSS v3.1 base score is 7.8 (High) with vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H (NVD).
A successful exploit allows local Windows users to obtain administrative privileges on the system. The attack requires physical access to the machine and needs to be prepared before Razer Synapse is installed along with a Razer driver (SYSS Advisory).
Razer has released a patched version (3.8.0428.042117) that is automatically deployed during driver installation on current Windows builds. System administrators can prevent similar attacks through other co-installers by setting HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Device Installer\DisableCoInstallers = 1 in the Windows registry (SYSS Advisory).
Source: This report was generated using AI
Free Vulnerability Assessment
Evaluate your cloud security practices across 9 security domains to benchmark your risk level and identify gaps in your defenses.
Get a personalized demo
"Best User Experience I have ever seen, provides full visibility to cloud workloads."
"Wiz provides a single pane of glass to see what is going on in our cloud environments."
"We know that if Wiz identifies something as critical, it actually is."