Win 10 Admin Escalation With Razor Bug – Expert Insight

By   ISBuzz Team
Writer , Information Security Buzz | Aug 24, 2021 02:19 am PST

BACKGROUND:

Jonhat on Twitter details the Zero-day admin escalation he found using Razer peripherals on Windows 10. He even includes a video example of the escalation. Excerpt:

 Need local admin and have physical access?

– Plug a Razer mouse (or the dongle)

– Windows Update will download and execute RazerInstaller as SYSTEM

– Abuse elevated Explorer to open Powershell with Shift+Right click

Subscribe
Notify of
guest
1 Expert Comment
Newest
Oldest Most Voted
Inline Feedbacks
View all comments
Saryu Nayyar
Saryu Nayyar , CEO
August 24, 2021 10:20 am

<p>Once used, forever vulnerable. All you have to do is plug in a Razer mouse dongle and Windows 10 will automatically download a driver that will elevate privileges to local admin. From there, it’s possible to install malware that can interact with other systems on the network. This is a zero-day vulnerability, in that there is no known fix for it from the vendor. An analytics-driven cybersecurity approach is likely to find this when it occurs through system and network log files and can flag security professionals to investigate the offending computer. Otherwise, it can wreak havoc on the entire network.</p>

Last edited 2 years ago by Saryu Nayyar

Recent Posts

1
0
Would love your thoughts, please comment.x
()
x