12 matches found
CVE-2021-44226
CVE-2021-44226 affects Razer Synapse prior to 3.7.0228.022817. The vulnerability arises from relying on the directory %PROGRAMDATA%\Razer\Synapse3\Service\bin even if %PROGRAMDATA%\Razer was created by an unprivileged user before installation, allowing an unprivileged user to place trojan horse D...
CVE-2017-9769
CVE-2017-9769 affects Razer Synapse, where a crafted IOCTL sent to the rzpnk.sys driver is forwarded to ZwOpenProcess, allowing opening a handle to an arbitrary process and enabling local privilege escalation. Public materials describe reading/writing memory and potential code execution via a hoo...
CVE-2017-14398
The CVE-2017-14398 entry affects Razer Synapse using rzpnk.sys (v2.20.15.1104). The vulnerability enables local elevation of privilege by a local attacker who uses a handle to \Device\PhysicalMemory, IOCTL 0x22A064, and ZwMapViewOfSection to read/write arbitrary memory locations. This results in ...
CVE-2021-30494
The CVE-2021-30494 entry concerns Razer Synapse 3 and the Razer Chroma SDK. The connected documents describe that multiple system services installed with the Razer Synapse 3 suite perform privileged operations on entries within the Chroma SDK subkey, specifically involving file name concatenation...
CVE-2017-11653
CVE-2017-11653 affects Razer Synapse 2.20.15.1104 and earlier. The vulnerability arises from weak permissions on the Devices directory, enabling local privilege escalation via a trojan horse using one of two DLLs: RazerConfigNative.dll or RazerConfigNativeLOC.dll. The impact is local privilege es...
CVE-2022-47632
CVE-2022-47632 affects Razer Synapse pre-3.7.0830.081906. The vulnerability stems from an unsafe installation path, improper privilege management, and improper certificate validation that enables DLL hijacking via a malicious DLL placed in %PROGRAMDATA%\Razer\Synapse3\Service\bin before the servi...
CVE-2017-11652
Razer Synapse 2.20.15.1104 and earlier suffer weak permissions on the CrashReporter directory, enabling local attackers to gain privileges by dropping a malicious dbghelp.dll. Affected component: CrashReporter handling in Razer Synapse; root cause: insecure directory permissions facilitating DLL ...
CVE-2021-30493
CVE-2021-30493 describes a vulnerability in the Razer Synapse 3 software where multiple system services perform privileged operations on entries within the ChromaBroadcast subkey, specifically involving file name concatenation of a runtime log file used to store runtime log information. The resul...
CVE-2022-47631
CVE-2022-47631 affects Razer Synapse up to version 3.7.1209.121307 (and earlier). The issue is a time‑of‑check/time‑of‑use race involving an unsafe installation path and improper privilege management that allows local users to escalate to administrator by replacing a legitimate DLL in %PROGRAMDAT...
CVE-2025-9871
CVE-2025-9871 describes a local privilege escalation in Razer Synapse 3 via the Razer Chroma SDK installer. The root cause is a symbolic link abuse in the installer that can be leveraged to delete arbitrary files, enabling an attacker who already has low-privilege code execution to escalate to SY...
CVE-2025-9869
CVE-2025-9869 concerns a local privilege escalation in Razer Synapse 3 Macro Module . The flaw exists in the Razer Synapse Service where an attacker can abuse a created symbolic link to delete arbitrary files. This may allow an attacker to escalate privileges and execute arbitrary code in the con...
CVE-2025-9870
CVE-2025-9870 : Local privilege escalation in Razer Synapse 3 via the Philips Hue module installer. The flaw arises from a symbolic link in the Philips Hue installer that allows an attacker with low-privilege code execution to abuse the installer and delete arbitrary files, enabling code executio...