Windows 10 has several vulnerabilities which can be exploited easily. However, this time, Razer’s Synapse is involved in exploiting those vulnerabilities.
The Synapse can control RGB lighting, adjust macros, and program mouse buttons. A security researcher, Jonhat, took Twitter to share his discovery. He discovered that someone with a Razer mouse or keyboard needs to plug in the devices into a target machine, and boom, he gets SYSTEM access to Windows 10 (or Windows 11) PC.
Once a Razer peripheral or dongle is plugged into a PC with Windows 10 or 11. The OS automatically attempts to download the requisite Synapse software to enable full functionality. After this, it runs RazerInstaller.exe with SYSTEM privileges which shows a prompt directing you to select a folder for the installation. After this, In File Explorer, press Shift + mouse right-click simultaneously to open “Open PowerShell Windows” in the resulting dropdown menu.
In the Powershell interface, type “whoami’ which then presents “nt authority\system.” This confirms full SYSTEM privileges to execute commands.
Indeed, the exploit is quite bad, considering its simplicity. However, Razer’s initial response worsened the situation. As per Jonhat, he contacted Razer privately to inform them about the issue; unfortunately, there was no response.
Due to the company’s silence, Jonhat decided to reveal his findings to the public. The post caught the eye of Razer’s security team. He posted an update stating that the security team contacted him and told him that they are working on a fix that will be incorporated into a future software update. The team also offered him a bounty.