CVE-2017-11652

HIGH

8.4

CVSS Severity Score

EPSS Score0.0250%

EPSS Percentile15.51th

PublishedAug 18, 2017

Last ModifiedMay 13, 2026

Vulnerability Description

Razer Synapse 2.20.15.1104 and earlier uses weak permissions for the CrashReporter directory, which allows local users to gain privileges via a Trojan horse dbghelp.dll file.

Affected Platforms (CPE)

📦

Razer

Synapse

<= 2.20.15.1104

References & Advisories

🔗 http://packetstormsecurity.com/files/143516/Razer-Synapse-2.20-DLL-Hijacking.html

Related Vulnerabilities

CVE-2017-157089.8

In Apache Synapse, by default no authentication is required for Java Remote Method Invocation (RMI). So Apache Synapse 3.0.1 or al...

CVE-2019-188359.8

Matrix Synapse before 1.5.0 mishandles signature checking on some federation APIs. Events sent over /send_join, /send_leave, and /...

CVE-2017-97699.8

A specially crafted IOCTL can be issued to the rzpnk.sys driver in Razer Synapse 2.20.15.1104 that is forwarded to ZwOpenProcess a...

CVE-2018-165158.8

Matrix Synapse before 0.33.3.1 allows remote attackers to spoof events and possibly have unspecified other impacts by leveraging i...