Lucene search
K

6 matches found

CVE
CVE
added 2022/03/23 12:0 a.m.103 views

CVE-2021-44226

CVE-2021-44226 affects Razer Synapse prior to 3.7.0228.022817. The vulnerability arises from relying on the directory %PROGRAMDATA%\Razer\Synapse3\Service\bin even if %PROGRAMDATA%\Razer was created by an unprivileged user before installation, allowing an unprivileged user to place trojan horse D...

7.3CVSS7.4AI score0.00889EPSS
CVE
CVE
added 2023/01/27 12:0 a.m.50 views

CVE-2022-47632

CVE-2022-47632 affects Razer Synapse pre-3.7.0830.081906. The vulnerability stems from an unsafe installation path, improper privilege management, and improper certificate validation that enables DLL hijacking via a malicious DLL placed in %PROGRAMDATA%\Razer\Synapse3\Service\bin before the servi...

6.8CVSS6.9AI score0.00633EPSS
CVE
CVE
added 2023/09/14 12:0 a.m.39 views

CVE-2022-47631

CVE-2022-47631 affects Razer Synapse up to version 3.7.1209.121307 (and earlier). The issue is a time‑of‑check/time‑of‑use race involving an unsafe installation path and improper privilege management that allows local users to escalate to administrator by replacing a legitimate DLL in %PROGRAMDAT...

7.8CVSS7.6AI score0.00378EPSS
CVE
CVE
added 2025/10/29 7:33 p.m.22 views

CVE-2025-9871

CVE-2025-9871 describes a local privilege escalation in Razer Synapse 3 via the Razer Chroma SDK installer. The root cause is a symbolic link abuse in the installer that can be leveraged to delete arbitrary files, enabling an attacker who already has low-privilege code execution to escalate to SY...

7.8CVSS7.7AI score0.00175EPSS
CVE
CVE
added 2025/10/29 7:33 p.m.16 views

CVE-2025-9869

CVE-2025-9869 concerns a local privilege escalation in Razer Synapse 3 Macro Module . The flaw exists in the Razer Synapse Service where an attacker can abuse a created symbolic link to delete arbitrary files. This may allow an attacker to escalate privileges and execute arbitrary code in the con...

7.8CVSS7.7AI score0.00175EPSS
CVE
CVE
added 2025/10/29 7:34 p.m.12 views

CVE-2025-9870

CVE-2025-9870 : Local privilege escalation in Razer Synapse 3 via the Philips Hue module installer. The flaw arises from a symbolic link in the Philips Hue installer that allows an attacker with low-privilege code execution to abuse the installer and delete arbitrary files, enabling code executio...

7.8CVSS7.7AI score0.00175EPSS