Gandalf_The_Grey
Level 76
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
- Apr 24, 2016
- 6,629
A Razer Synapse zero-day vulnerability has been disclosed on Twitter, allowing you to gain Windows admin privileges simply by plugging in a Razer mouse or keyboard.
Razer is a very popular computer peripherals manufacturer known for its gaming mouses and keyboards.
When plugging in a Razer device into Windows 10 or Windows 11, the operating system will automatically download and begin installing the Razer Synapse software on the computer. Razer Synapse is software that allows users to configure their hardware devices, set up macros, or map buttons.
Razer claims that that their Razer Synapse software is used by over 100 million users worldwide.
Security researcher jonhat discovered a zero-day vulnerability in the plug-and-play Razer Synapse installation that allows users to gain SYSTEM privileges on a Windows device quickly.
SYSTEM privileges are the highest user rights available in Windows and allow someone to perform any command on the operating system. Essentially, if a user gains SYSTEM privileges in Windows, they attain complete control over the system.
After not receiving a response from Razer, jonhat disclosed the zero-day vulnerability on Twitter yesterday and explained how the bug works with a short video.
After this zero-day vulnerability gained wide attention on Twitter, Razer has contacted the security researcher to let them know that they will be issuing a fix.
Razer also told the researcher that he would be receiving a bug bounty reward even though the vulnerability was publicly disclosed.
Razer bug lets you become a Windows 10 admin by plugging in a mouse
A Razer Synapse zero-day vulnerability has been disclosed on Twitter, allowing you to gain Windows admin privileges simply by plugging in a Razer mouse or keyboard.
www.bleepingcomputer.com
Some more info from mspoweruser:
Microsoft’s PrintNightmare fiasco has turned the eyes of the hacker community to the vulnerabilities exposed by installing 3rd party drivers and today hacker jonhat discovered that you can open a wide-open door in Windows 10 by simply plugging in a Razer wireless dongle.
The issue is that Windows Update downloads and executes RazerInstaller as system, and that the Installer offers users the opportunity to open an Explorer window to choose where to install the drivers.
From there it only takes a shift-right-click to open a Powershell terminal with system privileges, and the hacker can basically do whatever they want.
Additionally, if the user goes through the installation process and defines the save directory to a user-controllable path like Desktop, the Installer saves a service binary there which can be hijacked for persistence and which is executed before user login on boot.
Attackers do not even need a real Razer mouse, as the USB ID can be easily spoofed.
jonhat says he attempted to contact Razer but was unsuccessful, and has therefore released the vulnerability. We assume Microsoft will move somewhat faster and remove the driver from Windows Update soon, though there is no guarantee as it would leave Razer hardware users without an easy way to access the driver.
Turns out all you need to gain admin privileges on Windows 10 is to plug in a Razer mouse
Microsoft’s PrintNightmare fiasco has turned the eyes of the hacker community to the vulnerabilities exposed by installing 3rd party drivers and today hacker jonhat discovered that you can open a wide-open door in Windows 10 by simply plugging in a Razer wireless dongle. Need local admin and...
mspoweruser.com
Last edited: