Win 10 Admin Escalation With Razor Bug – Expert Insight

By   ISBuzz Team
Writer , Information Security Buzz | Aug 24, 2021 02:19 am PST

BACKGROUND:

Jonhat on Twitter details the Zero-day admin escalation he found using Razer peripherals on Windows 10. He even includes a video example of the escalation. Excerpt:

 Need local admin and have physical access?

– Plug a Razer mouse (or the dongle)

– Windows Update will download and execute RazerInstaller as SYSTEM

– Abuse elevated Explorer to open Powershell with Shift+Right click