A security flaw in the Razer Synapse application, which serves to configure Razer gaming peripherals on the PC, allows anyone to have access to administrator rights in Windows.
The problem was discovered by a Twitter user identified as “j0nh4t” and posted on the social network last Saturday (21). Razer was informed of the issue, but did not give a satisfactory answer and so he decided to disclose it.
According to the expert, it’s possible to take advantage of the loophole even with a $20 Razer mouse. He explained the failure step by step and even released a screenshot showing how he discovered the error.
It all starts with the fact that when a device is plugged into the PC, Windows Update automatically downloads Razer Synapse. The program is installed and then run as a System user who has administrator rights to the operating system.
Upon installation, the user is asked to decide the directory where Synapse will be stored. Since everything is running by a System user, you can press Shift+Right button on an empty space to open the PowerShell window with administrator privileges.
As the System profile is the highest level of Windows access privilege, it is possible to perform any task on the machine and install any software without needing permission from the real owner of the machine. Check out the video of the security breach below.
In a statement sent to ThreatPost, Razer admitted the problem, but called the situation a “very specific use case.”
“We’ve investigated the issue, we are currently making changes to the install application to limit this use case and we will release an updated version shortly. The use of our software (including the installation application) does not provide unauthorized third party access to the machine”, says an excerpt from the note.
The company also defended that it has a “commitment to guarantee the digital security” of all its systems and services.