NuytsTech Security

CVE-2021-44226

by ·

Razer Synapse before 3.7.0228.022817 allows privilege escalation because it relies on %PROGRAMDATA%RazerSynapse3Servicebin even if %PROGRAMDATA%Razer has been created by any unprivileged user before Synapse is installed. The unprivileged user may have placed Trojan horse DLLs there.

Date published : 2022-03-23

http://seclists.org/fulldisclosure/2022/Mar/51

http://packetstormsecurity.com/files/166485/Razer-Synapse-3.6.x-DLL-Hijacking.html

Tags: