Security: plug in a Razer mouse or keyboard and gain admin privileges in Windows 10

Razer mice

A worrying security flaw has been discovered in Razer Synapse software which can be exploited to gain administrator privileges in Windows 10. What is particularly concerning about this vulnerability -- aside from the fact that there is no patch available yet -- is that exploitation is possible by simply plugging in a Razer mouse, keyboard or dongle.

Pretty much the only thing that isn't disturbing about this security hole is that it is a local privilege escalation (LPE) vulnerability, meaning an attacker would need physical access to a system to exploit it. Nonetheless, the zero-day can be taken advantage of by anyone splashing out a few bucks on a cheap Razer peripheral.

The security bug is shockingly simple to exploit and essentially gives an attacker free rein to do whatever they want to a system. When a mouse, keyboard or dongle from Razer is connected to a computer, the software installer is automatically downloaded and run with SYSTEM privileges. During the installation, it is then possible to use the Windows context menu to open a PowerShell prompt and this will retain the same privileges, allowing for wide-ranging and dangerous commands to be executed.
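The pattern described above (an installer running as SYSTEM, then an interactive shell opened from a context menu that inherits those privileges) leaves a clear trace in process-creation telemetry. As an added defender-side example that is not from the article or from Razer, the Python below scans constructed Sysmon-style process-creation events and flags a shell running as SYSTEM whose parent is not a normal service host; the allowlist, path prefixes and sample events are assumptions to be tuned per environment.

```python
"""Flag shells (powershell.exe, pwsh.exe, cmd.exe) running as SYSTEM
whose parent process is not one that normally launches SYSTEM shells.
All events below are constructed samples, not real Sysmon output."""
from dataclasses import dataclass

# Assumption: parents that legitimately spawn SYSTEM shells in this
# environment (service host, scheduler). Extend for SCCM, RMM tools, etc.
TRUSTED_SYSTEM_PARENTS = {
    r"c:\windows\system32\services.exe",
    r"c:\windows\system32\svchost.exe",
    r"c:\windows\system32\taskeng.exe",
}
SHELLS = ("\\powershell.exe", "\\pwsh.exe", "\\cmd.exe")

@dataclass
class ProcessEvent:
    image: str          # full path of the new process
    user: str           # account the process runs as
    parent_image: str   # full path of the parent process

def is_suspicious_system_shell(ev: ProcessEvent) -> bool:
    """True when a shell runs as SYSTEM from a non-allowlisted parent."""
    if not ev.image.lower().endswith(SHELLS):
        return False
    if ev.user.upper() != r"NT AUTHORITY\SYSTEM":
        return False
    # A SYSTEM shell whose parent is an installer staged under a temp or
    # user-writable path, or the desktop shell, is the LPE pattern above.
    return ev.parent_image.lower() not in TRUSTED_SYSTEM_PARENTS

def alerts(events):
    """Return the parent images of every flagged event."""
    return [ev.parent_image for ev in events if is_suspicious_system_shell(ev)]

PS = r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"
SAMPLE_EVENTS = [  # constructed; vendor_installer.exe is a placeholder name
    ProcessEvent(PS, r"NT AUTHORITY\SYSTEM", r"C:\Windows\System32\svchost.exe"),
    ProcessEvent(PS, r"NT AUTHORITY\SYSTEM", r"C:\Windows\Temp\vendor_installer.exe"),
    ProcessEvent(PS, r"DESKTOP\alice", r"C:\Windows\explorer.exe"),
    ProcessEvent(r"C:\Windows\System32\notepad.exe", r"NT AUTHORITY\SYSTEM",
                 r"C:\Windows\Temp\vendor_installer.exe"),
]

if __name__ == "__main__":
    for parent in alerts(SAMPLE_EVENTS):
        print("ALERT: SYSTEM shell spawned by unexpected parent:", parent)
```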

The vulnerability was discovered by hacker jonhat (whose Twitter bio reads: "while true;do eat;sleep;hack;game;done"). He tweeted details of how to exploit the security flaw as well as a video of the attack in action:

He later tweeted to say that he had been contacted by Razer who assured him that the company's security team is busy working on a fix. Additionally, despite having publicly disclosed the security flaw, jonhat says that Razer offered him a bug bounty, although he did not go as far as sharing details of its size.

© 1998-2021 BetaNews, Inc. All Rights Reserved.