CVE-2022-47631

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Sep 14, 2023
Updated: Feb 16, 2024
CWE ID 367

Summary

CVE-2022-47631, also known as Razer Synapse privilege escalation vulnerability, affects Razer Synapse versions up to 3.7.1209.121307. Attackers can exploit an unsafe installation path and improper privilege management to gain administrative privileges on Windows. By placing DLLs into the designated directory before the service is installed and denying write access for the SYSTEM user, attackers can replace a valid DLL with a malicious one after the service has already checked the file, exploiting a race condition. This vulnerability poses a high risk to organizations as it allows local Windows users to elevate their privileges and potentially gain unauthorized access to sensitive information or perform malicious actions on affected systems.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Prioritize, Pinpoint, and Act to Prevent Vulnerability Exploits with Recorded Future

Note: This is just a basic overview providing quick insights into CVE-2022-47631 information. Gain full access to comprehensive CVE data, third party vulnerabilities, compromised credentials and more with Recorded Future
  • Gain complete coverage of your cyber, third party, and physical attack surface
  • Proactively mitigate threats before they turn into costly attacks
  • Make fast, effective, data-driven decisions

Book your demo

Sign in

Back to Vulnerability Database