
Plug in this Mouse, Get Windows Admin Privileges!

A zero-day vulnerability in Razer Synapse installation software can give you Windows admin privileges by simply plugging in the mouse. Razer is known for its gaming mice and keyboards.


Security researcher Jonhat shared a tweet exposing a zero-day vulnerability in Razer Synapse installation software. A simple plug-and-play USB or dongle can give you Windows admin privileges.

In the computer peripherals industry, Razer is known for its gaming mice and keyboards. Its installation software, called Synapse, is downloaded automatically when a new device is plugged in for the first time. The exploit abuses the elevated Explorer to open PowerShell and get admin access.

To put it simply, anyone who gets admin access to Windows gets complete control of the operating system and can install any software or hardware, including malware that causes huge damage.

The security researcher reached out to Razer to share the vulnerability but did not receive any response. He then disclosed the zero-day vulnerability on Twitter, explaining how the bug works.

Once the exploit began to be widely discussed and tweeted, Razer took notice and reached out to Jonhat. In an update, the researcher shared that Razer had contacted him and assured him that the company was working on a fix as a matter of high importance. He was also offered a bounty even though the bug had been publicly disclosed.

What is PowerShell?

PowerShell is a task automation and configuration management framework from Microsoft, consisting of a command-line shell and the associated scripting language. Because the PowerShell window in this case is opened from the elevated Explorer, it starts with admin privileges, and every process launched from it gets admin access as well.

The Windows Vulnerability

A spate of critical vulnerabilities has been reported in Windows, the most recent being the Print Spooler bug (CVE-2021-36958). Microsoft released security patches addressing 44 CVEs in the month of August alone.