CVE-2021-44226

Razer Synapse before 3.7.0228.022817 allows privilege escalation because it relies on %PROGRAMDATA%\Razer\Synapse3\Service\bin even if %PROGRAMDATA%\Razer has been created by any unprivileged user before Synapse is installed. The unprivileged user may have placed Trojan horse DLLs there.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.3 HIGH
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 17%
VendorProductVersion
razersynapse
𝑥
< 3.7.0228.022817
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://packetstormsecurity.com/files/166485/Razer-Synapse-3.6.x-DLL-Hijacking.html
http://packetstormsecurity.com/files/170772/Razer-Synapse-3.7.0731.072516-Local-Privilege-Escalation.html
http://packetstormsecurity.com/files/174696/Razer-Synapse-Race-Condition-DLL-Hijacking.html
http://seclists.org/fulldisclosure/2022/Mar/51
http://seclists.org/fulldisclosure/2023/Jan/26
http://seclists.org/fulldisclosure/2023/Sep/6
https://www.razer.com/community
https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2021-058.txt
http://packetstormsecurity.com/files/166485/Razer-Synapse-3.6.x-DLL-Hijacking.html
http://packetstormsecurity.com/files/170772/Razer-Synapse-3.7.0731.072516-Local-Privilege-Escalation.html
http://packetstormsecurity.com/files/174696/Razer-Synapse-Race-Condition-DLL-Hijacking.html
http://seclists.org/fulldisclosure/2022/Mar/51
http://seclists.org/fulldisclosure/2023/Jan/26
http://seclists.org/fulldisclosure/2023/Sep/6
https://www.razer.com/community
https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2021-058.txt