all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Razer Synapse Race Condition / DLL Hijacking

Add to bookmarks
Sept. 18, 2023, 1:44 p.m. |

Packet Storm packetstormsecurity.com

Razer Synapse versions before 3.8.0428.042117 (20230601) suffer from multiple vulnerabilities. Due to an unsafe installation path, improper privilege management, and a time-of-check time-of-use race condition, the associated system service "Razer Synapse Service" is vulnerable to DLL hijacking. As a result, local Windows users can abuse the Razer driver installer to obtain administrative privileges on Windows.

abuse administrative privileges check dll dll hijacking driver hijacking installation installer local management path privilege privileges race race condition razer result service synapse system vulnerabilities vulnerable windows

Visit resource

More from packetstormsecurity.com / Packet Storm

Hunter Biden Sues Rudy Giuliani And Former Attorney, Alleging They Tried To Hack His Devices 9 hours ago | packetstormsecurity.com
attorney biden data loss devices +7
Debian Security Advisory 5505-1 9 hours ago | packetstormsecurity.com
addresses advisory attacker cdp +15
Falco 0.36.0 9 hours ago | packetstormsecurity.com
agent check containers falco +10
WatchGuard Firebox Web Update Unpacker 9 hours ago | packetstormsecurity.com
file files file system firmware +9
Sony Investigating After Hackers Offer To Sell Stolen Data 9 hours ago | packetstormsecurity.com
data data loss hacker hackers +4
Xenomorph Android Banking Trojan Targeting Users In US, Canada 9 hours ago | packetstormsecurity.com
android android banking trojan bank banking +11
Russia's APT29 Intensifies Espionage Operations 9 hours ago | packetstormsecurity.com
apt29 cyberwar espionage government +5
Space Force Chief Says Commercial Satellites May Need Defending 9 hours ago | packetstormsecurity.com
chief commercial cyberwar defending +7
RoyalTSX 6.0.1 RTSZ File Handling Heap Memory Corruption 1 day, 8 hours ago | packetstormsecurity.com
application array corruption crashes +9

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Business Information Security Officer

@ Metrolink | Los Angeles, CA
View on infosec-jobs.com

Senior Security Engineer

@ Freedom of the Press Foundation | Remote, 4 hour time zone overlap with New York City
View on infosec-jobs.com

Security Engineer

@ ChartMogul | Remote, EU
View on infosec-jobs.com

Malware Reverse Engineer

@ Two Six Technologies | Fort Meade, Maryland
View on infosec-jobs.com

SOC Analyst Level 3

@ OpenBet | Bengaluru, India
View on infosec-jobs.com

Course Developer, Network Security

@ Palo Alto Networks | Plano, TX, United States
View on infosec-jobs.com
View more jobs