Jonhat reported the issue to Razer which, after some delay, did reach out to the researcher.Īccording to jonhat, the issue being fixed and he will receive a bug bounty for his efforts. Abuse elevated Explorer to open Powershell with Shift+Right click Windows Update will download and execute RazerInstaller as SYSTEM Need local admin and have physical access? Inside file explorer, jonhat holds down shift and right clicks to bring up a menu with ‘Open PowerShell window here’ as one option.īecause the installer had system privileges, this meant he was able to open PowerShell as system – which jonhat confirms by typing the ‘whoami’ command. When the installer loads, it lets the user choose the install location which opens a window in file explorer. Razer Synapse lets users personalise their keyboards and mice with custom configurations like key macros and ambient lighting. This is normal for plug and play devices which automatically tell the system which drivers to install so users can start using their new peripherals right away.īut the problem comes with the Razer Synapse software bundled with the company’s driver. Once he connects the Razer device to the Windows 10 virtual machine, it automatically downloads and installs the device drivers. In a video accompanying his tweet, jonhat showed the full attack. Twitter user jonhat shared the vulnerability publicly on Saturday, saying getting local admin privileges was as easy as plugging in a Razer peripheral and opening Powershell. Simply plugging in a Razer keyboard or mouse could give an attacker administrator privileges on Windows 10 machines by automatically installing device software, a security researcher has discovered.
0 Comments
Leave a Reply. |