CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-3514 – RazerCentralSerivce Unsafe Named Pipe Permission Escalation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-3514
14 Jul 2023 — Improper Privilege Control in RazerCentralSerivce Named Pipe in Razer RazerCentral <=7.11.0.558 on Windows allows a malicious actor with local access to gain SYSTEM privilege via communicating with the named pipe as a low-privilege user and calling "AddModule" or "UninstallModules" command to execute arbitrary executable file. • https://starlabs.sg/advisories/23/23-3514 • CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-3513 – RazerCentralService Unsafe Deserialization Escalation of Privilege
https://notcve.org/view.php?id=CVE-2023-3513
14 Jul 2023 — Improper Privilege Control in RazerCentralSerivce Named Pipe in Razer RazerCentral <=7.11.0.558 on Windows allows a malicious actor with local access to gain SYSTEM privilege via communicating with the named pipe as a low-privilege user and triggering an insecure .NET deserialization. Improper Privilege Control in RazerCentralSerivce Named Pipe in Razer RazerCentral <=7.11.0.558 on Windows allows a malicious actor with local access to gain SYSTEM privilege via communicating with the named pipe as a low-priv... • https://starlabs.sg/advisories/23/23-3513 • CWE-269: Improper Privilege Management CWE-502: Deserialization of Untrusted Data •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-45697
https://notcve.org/view.php?id=CVE-2022-45697
27 Feb 2023 — Arbitrary File Delete vulnerability in Razer Central before v7.8.0.381 when handling files in the Accounts directory. • http://razer.com • CWE-59: Improper Link Resolution Before File Access ('Link Following') •