PT-2023-15444 · Razer · Razer Synapse

Dr. Oliver Schwarz · Published 2023-01-27 · Updated 2025-03-28 · CVE-2022-47632

CVSS v3.1: 6.8 (Medium)

Vector: AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Razer Synapse versions prior to 3.7.0830.081906

Description

The issue arises due to an unsafe installation path, improper privilege management, and improper certificate validation. Attackers can exploit this by placing malicious DLLs into %PROGRAMDATA%\Razer\Synapse3\Service\bin before the service is installed, and then denying write access for the SYSTEM user. Although the service will not start if the malicious DLLs are unsigned, using self-signed DLLs is sufficient for exploitation. The validity of the DLL signatures is not checked, allowing local Windows users to abuse the Razer driver installer to obtain administrative privileges on Windows.

Recommendations

For versions prior to 3.7.0830.081906, update to version 3.7.0830.081906 or later to resolve the issue. As a temporary workaround, consider restricting access to the %PROGRAMDATA%\Razer\Synapse3\Service\bin directory to prevent malicious DLL placement. Additionally, ensure proper privilege management and certificate validation to minimize the risk of exploitation.
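
A defender-side audit of the directory named in the description, added here as an example (not code from Razer or from the advisory's author): it reports a directory owner outside a trusted set, any Deny entry for SYSTEM, and DLLs whose Authenticode status is not Valid. The function name and the trusted-owner list are assumptions of this example; run it from an elevated administrator session so the signature check uses that account's trust stores.

```powershell
# Added audit example; the path is the one named in the advisory text.
$binDir = Join-Path $env:ProgramData 'Razer\Synapse3\Service\bin'

function Test-SynapseBinDir {   # hypothetical helper name
    param([string]$Path = $binDir)

    if (-not (Test-Path -LiteralPath $Path)) {
        Write-Output "OK: $Path does not exist"
        return
    }

    $sidType = [System.Security.Principal.SecurityIdentifier]
    $acl = Get-Acl -LiteralPath $Path

    # Assumption: only these well-known principals should own the directory.
    # S-1-5-18 = LocalSystem, S-1-5-32-544 = Administrators, last = TrustedInstaller
    $trustedOwners = 'S-1-5-18', 'S-1-5-32-544',
        'S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464'
    $ownerSid = $acl.GetOwner($sidType).Value
    if ($trustedOwners -notcontains $ownerSid) {
        # A directory created by a standard user before installation is owned by that user.
        Write-Output "FINDING: directory owner is $($acl.Owner) ($ownerSid)"
    }

    # The advisory describes write access being denied to SYSTEM on this path.
    foreach ($rule in $acl.GetAccessRules($true, $true, $sidType)) {
        if ($rule.AccessControlType -eq 'Deny' -and $rule.IdentityReference.Value -eq 'S-1-5-18') {
            Write-Output "FINDING: Deny ACE for SYSTEM ($($rule.FileSystemRights))"
        }
    }

    # Self-signed DLLs carry a signature but do not chain to a trusted root,
    # so any status other than Valid is reported together with the signer.
    Get-ChildItem -LiteralPath $Path -Filter *.dll -File -ErrorAction SilentlyContinue |
        ForEach-Object {
            $sig = Get-AuthenticodeSignature -LiteralPath $_.FullName
            if ($sig.Status -ne 'Valid') {
                $signer = if ($sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { 'none' }
                Write-Output "FINDING: $($_.Name) status=$($sig.Status) signer=$signer"
            }
        }
}

Test-SynapseBinDir
```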

Exploit

Fix

LPE

Uncontrolled Search Path Element

Weakness Enumeration

Related identifiers

CVE-2022-47632

Affected products

Razer Synapse