This system privilege bug lets an attacker with physical access to the system gain administrative privileges and take over the system. Razer acknowledged the bug and said it’s preparing a fix for it.
Zero-day Bug in Razer Software
Razer is a popular peripherals brand among gamers, specialized in making gaming mice and keyboards. Any of this hardware connected to the system for the first time will automatically install software called Synapse. Razer’s Synapse software will allow the devices to configure the setup, set up macros and map buttons. As this is essential, it happens automatically in Windows 10 and Windows 11 when plugged in. But, there’s a catch, as discovered by jonhat – a security researcher. After getting no response from Razer through a private disclosure, he released the details of this zero-day bug along with a short video on how it works.
Tried contacting @Razer, but no answers. So here’s a freebie pic.twitter.com/xDkl87RCmz — jonhat (@j0nh4t) August 21, 2021 This led the news to go viral, and Razer came up with a statement that it’s preparing a fix for this issue. Also, it will be rewarding the security researcher through a bug bounty program, even though it’s made public now. The problem triggers when you change the folder to select somewhere else, and Shift+ right-click on the “Choose a Folder” dialogue box. This opens the menu with the “Open PowerShell window here” option, and clicking on it will open the PowerShell. Since PowerShell opens with admin (system) privileges by default, all the processes conducted from there on will be done with system privileges. While it’s easy to escalate privileges in minutes with this bug, it still needs physical access to the system to do so.
