Unrated severityNVD Advisory· Published Mar 23, 2022· Updated Aug 4, 2024
CVE-2021-44226
CVE-2021-44226
Description
Razer Synapse before 3.7.0228.022817 allows privilege escalation because it relies on %PROGRAMDATA%\Razer\Synapse3\Service\bin even if %PROGRAMDATA%\Razer has been created by any unprivileged user before Synapse is installed. The unprivileged user may have placed Trojan horse DLLs there.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
8- seclists.org/fulldisclosure/2022/Mar/51mitremailing-list
- seclists.org/fulldisclosure/2023/Jan/26mitremailing-list
- seclists.org/fulldisclosure/2023/Sep/6mitremailing-list
- packetstormsecurity.com/files/166485/Razer-Synapse-3.6.x-DLL-Hijacking.htmlmitre
- packetstormsecurity.com/files/170772/Razer-Synapse-3.7.0731.072516-Local-Privilege-Escalation.htmlmitre
- packetstormsecurity.com/files/174696/Razer-Synapse-Race-Condition-DLL-Hijacking.htmlmitre
- www.razer.com/communitymitre
- www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2021-058.txtmitre
News mentions
0No linked articles in our index yet.