Synapse@* Security Vulnerabilities and Issues — Synapse@* CVE List

Lucene search

RazerSynapse*

5 matches found

CVE•added 2022/03/23 10:15 p.m.•86 views

CVE-2021-44226

Razer Synapse before 3.7.0228.022817 allows privilege escalation because it relies on %PROGRAMDATA%\Razer\Synapse3\Service\bin even if %PROGRAMDATA%\Razer has been created by any unprivileged user before Synapse is installed. The unprivileged user may have placed Trojan horse DLLs there.

7.3CVSS7.4AI score0.00064EPSS

CVE•added 2017/08/18 5:29 p.m.•41 views

CVE-2017-11653

Razer Synapse 2.20.15.1104 and earlier uses weak permissions for the Devices directory, which allows local users to gain privileges via a Trojan horse (1) RazerConfigNative.dll or (2) RazerConfigNativeLOC.dll file.

7.8CVSS7.6AI score0.00035EPSS

CVE•added 2023/01/27 3:15 p.m.•39 views

CVE-2022-47632

Razer Synapse before 3.7.0830.081906 allows privilege escalation due to an unsafe installation path, improper privilege management, and improper certificate validation. Attackers can place malicious DLLs into %PROGRAMDATA%\Razer\Synapse3\Service\bin if they do so before the service is installed and...

6.8CVSS6.9AI score0.00057EPSS

CVE•added 2017/08/18 5:29 p.m.•33 views

CVE-2017-11652

Razer Synapse 2.20.15.1104 and earlier uses weak permissions for the CrashReporter directory, which allows local users to gain privileges via a Trojan horse dbghelp.dll file.

8.4CVSS8.1AI score0.00039EPSS

CVE•added 2023/09/14 10:15 p.m.•29 views

CVE-2022-47631

Razer Synapse through 3.7.1209.121307 allows privilege escalation due to an unsafe installation path and improper privilege management. Attackers can place DLLs into %PROGRAMDATA%\Razer\Synapse3\Service\bin if they do so before the service is installed and if they deny write access for the SYSTEM u...

7.8CVSS7.6AI score0.00068EPSS