Image Source What Did the Researcher Say About This?
Following this step, any command can be initiated on the machine.The PowerShell prompt can be opened, then the command ‘whoami” reveals that the console is one with system privileges.This means that the Powershell prompt will have system privileges because it was opened via a process that possessed these.In the Folder window, a Powershell prompt will be launched.Then you can initiate an “Open Powershell here” by holding Shift and right-clicking on the window.A ‘Choose a Folder’ window will show when you alter the location of your folder.Well, you can choose the folder location where this can be installed because the wizard setup allows you to have this option and this is the moment when the exploitation might commence.What happens after the Razer Synapse program gets deployed?.This was because a Windows process that had system privileges was made use of to initiate the RazerInstaller.exe executable.System privileges were achieved by Razer’s installation software.They saw how the automatic download and installation of Razer Synapse software and the driver began.Then they plugged the Razer mouse into Windows 10.In the command prompt, they built a temporary ‘Test’ user.They chose one of their computers that ran Windows 10 and possessed privileges that were non-admin.According to their conclusions, the bug works like this: How Does This Razer Synapse Vulnerability Work?įinding about this Razer Synapse vulnerability and following the demonstration of the security researcher on Twitter, the BleepingComputer publication made a test to see how it works and shared its details. When such a device is connected to Windows 10 or 11, what happens next is that the Razer Synapse software starts to download and install. How? With a Razer mouse or keyboard, simply plugging it into a computer. This new bug permits Windows admin privileges achievement. The zero-day has been discovered by researcher jonhat who announced it on Twitter and shared a video sample of how it works. The technology company is most popular for the gaming keyboards and mouses they produce.
A Razer Synapse vulnerability was identified, Razer being a vendor of services in the financial area, consumer electronics, gaming devices, and a manufacturer of peripherals for computers.
0 kommentar(er)
