3 results (0.034 seconds)

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1

Improper Privilege Control in RazerCentralSerivce Named Pipe in Razer RazerCentral <=7.11.0.558 on Windows allows a malicious actor with local access to gain SYSTEM privilege via communicating with the named pipe as a low-privilege user and calling "AddModule" or "UninstallModules" command to execute arbitrary executable file. • https://starlabs.sg/advisories/23/23-3514 • CWE-269: Improper Privilege Management •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1

Improper Privilege Control in RazerCentralSerivce Named Pipe in Razer RazerCentral <=7.11.0.558 on Windows allows a malicious actor with local access to gain SYSTEM privilege via communicating with the named pipe as a low-privilege user and triggering an insecure .NET deserialization. • https://starlabs.sg/advisories/23/23-3513 • CWE-269: Improper Privilege Management CWE-502: Deserialization of Untrusted Data •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

Arbitrary File Delete vulnerability in Razer Central before v7.8.0.381 when handling files in the Accounts directory. • http://razer.com https://github.com/Wh04m1001/CVE • CWE-59: Improper Link Resolution Before File Access ('Link Following') •