CVE-2017-11652

HIGH

8.4

CVSS Severity Score

EPSS Score0.0250%

EPSS Percentile15.51th

Published2017年8月18日

Last Modified2026年5月13日

Vulnerability Description

Razer Synapse 2.20.15.1104 and earlier uses weak permissions for the CrashReporter directory, which allows local users to gain privileges via a Trojan horse dbghelp.dll file.

Affected Platforms (CPE)

📦

Razer

Synapse

<= 2.20.15.1104

References & Advisories

🔗 http://packetstormsecurity.com/files/143516/Razer-Synapse-2.20-DLL-Hijacking.html

相关漏洞威胁

CVE-2017-157089.8

In Apache Synapse, by default no authentication is required for Java Remote Method Invocation (RMI). So Apache Synapse 3.0.1 or al...

CVE-2019-188359.8

Matrix Synapse before 1.5.0 mishandles signature checking on some federation APIs. Events sent over /send_join, /send_leave, and /...

CVE-2017-97699.8

A specially crafted IOCTL can be issued to the rzpnk.sys driver in Razer Synapse 2.20.15.1104 that is forwarded to ZwOpenProcess a...

CVE-2018-165158.8

Matrix Synapse before 0.33.3.1 allows remote attackers to spoof events and possibly have unspecified other impacts by leveraging i...