Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Razer Synapse before 3.7.0228.022817 allows privilege escalation because it relies on %PROGRAMDATA%\Razer\Synapse3\Service\bin even if %PROGRAMDATA%\Razer has been created by any unprivileged user before Synapse is installed. The unprivileged user may have placed Trojan horse DLLs there.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Razer Synapse 3 代码问题漏洞
Vulnerability Description
Razer Synapse 3是美国Razer公司的一个应用软件。基于云的统一硬件配置工具。 Razer Synapse 3.7.0228.022817之前版本存在安全漏洞,该漏洞源于Razer Synapse 3.7.0228.022817之前版本允许权限升级,因为它依赖于%PROGRAMDATA%RazerSynapse3Servicein,在安装Synapse之前,任何非特权用户都创建了%PROGRAMDATA%Razer。攻击者利用该漏洞将Trojan horse DLLs放置在此处。
CVSS Information
N/A
Vulnerability Type
N/A