CVE-2017-9770

A specially crafted IOCTL can be issued to the rzpnk.sys driver in Razer Synapse that can cause an out of bounds read operation to occur due to a field within the IOCTL data being used as a length...

CVE-2017-9770

The CVE-2017-9770 issue affects the Razer Synapse rzpnk.sys driver. A specially crafted IOCTL can cause an out-of-bounds read by using a field inside the IOCTL data as the read length, enabling memory access beyond the buffer. Documents describe the vulnerability in the rzpnk.sys IOCTL handling a...

CVE-2017-9769

CVE-2017-9769 affects Razer Synapse, where a crafted IOCTL sent to the rzpnk.sys driver is forwarded to ZwOpenProcess, allowing opening a handle to an arbitrary process and enabling local privilege escalation. Public materials describe reading/writing memory and potential code execution via a hoo...

CVE-2017-9769

A specially crafted IOCTL can be issued to the rzpnk.sys driver in Razer Synapse 2.20.15.1104 that is forwarded to ZwOpenProcess allowing a handle to be opened to an arbitrary process...

CVE-2017-9769

A specially crafted IOCTL can be issued to the rzpnk.sys driver in Razer Synapse 2.20.15.1104 that is forwarded to ZwOpenProcess allowing a handle to be opened to an arbitrary process. Recent assessments: zeroSteiner at November 21, 2019 11:14pm UTC reported: Analysis The Razer rzpnk.sys driver...

CVE-2017-9770

A specially crafted IOCTL can be issued to the rzpnk.sys driver in Razer Synapse that can cause an out of bounds read operation to occur due to a field within the IOCTL data being used as a length. Recent assessments: zeroSteiner at December 18, 2019 1:17am UTC reported: A vulnerability exists...

Razer Synapse 2.20.15.1104 - rzpnk.sys ZwOpenProcess (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core/exploit/local/windowskernel' require 'rex' require 'metasm' class MetasploitModule 'Razer Synapse rzpnk.sys ZwOpenProcess', 'Description' = %q A...

Razer Synapse rzpnk.sys ZwOpenProcess Exploit

A vulnerability exists in the latest version of Razer Synapse v2.20.15.1104 as of the day of disclosure which can be leveraged locally by a malicious application to elevate its privileges to those of NTAUTHORITY\SYSTEM. This module requires Metasploit: http//metasploit.com/download Current source...

Razer Synapse rzpnk.sys ZwOpenProcess

This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core/exploit/local/windowskernel' require 'rex' require 'metasm' class MetasploitModule 'Razer Synapse rzpnk.sys ZwOpenProcess', 'Description' = %q A...

Razer Synapse rzpnk.sys ZwOpenProcess

A vulnerability exists in the latest version of Razer Synapse v2.20.15.1104 as of the day of disclosure which can be leveraged locally by a malicious application to elevate its privileges to those of NTAUTHORITY\SYSTEM. The vulnerability lies in a specific IOCTL handler in the rzpnk.sys driver th...

Windows Gather Razer Synapse Password Extraction

This module will enumerate passwords stored by the Razer Synapse client. The encryption key and iv is publicly known. This module will not only extract encrypted password but will also decrypt password using public key. Affects versions earlier than 1.7.15. This module requires Metasploit:...