A security vulnerability posted on Twitter shows that anyone can obtain admin access on Windows 10 or Windows 11 systems by plugging in a Razer device.
How Does the Razer Synapse Bug Work?
When you plug your Razer mice or keyboard into the system, Windows will automatically fetch and install the Razer Synapse software. It’s a cloud-based device configuration tool that lets users customize RGB lighting, keyboard hotkeys, and Alexa profiles.
Windows will then execute the RazerInstaller.exe file to install Synapse. However, as with other system-level tasks, this will also be called with admin privileges. So it doesn’t matter which user has plugged the component; the installer will run as admin.
Once the Synapse installer is running, users can select where to install it. You can choose the target folder via browsing the file explorer. Here, you can open a command prompt by right-clicking on the installer window and pressing the Shift key.
It will open a new Powershell terminal with system-wide permission. Anyone has complete control over the host device at this point and may install malware or any other tool.
Can You Prevent the Razer Synapse Exploit?
No official patch is available to mitigate this exploit as of now. However, Razer has confirmed that a fix is underway. All we can do at this point is be cautious and control access to our machine vigorously. Plus, despite being an easy hack, this exploit requires physical access to the device. It makes escalation almost impossible for remote hackers.
So how can you mitigate the risks? Keep your devices secure at all times, so that no one can gain access to them.
Similar bugs have also been reported in devices of other manufacturers. The SteelSeries bug is one of the most notable ones.
