CVE-2017-9769 – Razer Synapse rzpnk.sys ZwOpenProcess

https://notcve.org/view.php?id=CVE-2017-9769

A specially crafted IOCTL can be issued to the rzpnk.sys driver in Razer Synapse 2.20.15.1104 that is forwarded to ZwOpenProcess allowing a handle to be opened to an arbitrary process. Se podría enviar una llamada IOCTL especialmente manipulada al controlador rzpnk.sys en Razer Synapse 2.20.15.1104 que se reenviaría a ZwOpenProcess, permitiendo que se abra un manipulador para un proceso arbitrario. A vulnerability exists in the latest version of Razer Synapse (v2.20.15.1104 as of the day of disclosure) which can be leveraged locally by a malicious application to elevate its privileges to those of NT_AUTHORITY\SYSTEM. • https://www.exploit-db.com/exploits/42368 https://github.com/kkent030315/CVE-2017-9769 http://www.rapid7.com/db/modules/exploit/windows/local/razer_zwopenprocess https://warroom.securestate.com/cve-2017-9769 https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/local/razer_zwopenprocess.rb •