Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
RazerCentralSerivce Unsafe Named Pipe Permission Escalation of Privilege Vulnerability
Vulnerability Description
Improper Privilege Control in RazerCentralSerivce Named Pipe in Razer RazerCentral <=7.11.0.558 on Windows allows a malicious actor with local access to gain SYSTEM privilege via communicating with the named pipe as a low-privilege user and calling "AddModule" or "UninstallModules" command to execute arbitrary executable file.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
特权管理不恰当
Vulnerability Title
Razer Central 安全漏洞
Vulnerability Description
Razer Central是美国雷蛇(Razer)公司的外设控制中心。 Razer Central 7.11.0.558及之前版本存在安全漏洞,该漏洞源于命名管道中的不当权限控制,允许具有本地访问权限的恶意攻击者通过以低权限用户身份与命名管道通信来获取系统权限并执行任意可执行文件。
CVSS Information
N/A
Vulnerability Type
N/A