// For flags

CVE-2021-30493

 

Severity Score

5.5
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

1
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Multiple system services installed alongside the Razer Synapse 3 software suite perform privileged operations on entries within the ChromaBroadcast subkey. These privileged operations consist of file name concatenation of a runtime log file that is used to store runtime log information. In other words, an attacker can create a file in an unintended directory (with some limitations).

Múltiples servicios del sistema instalados junto con el paquete de software Razer Synapse versión 3, llevan a cabo operaciones privilegiadas en las entradas dentro de la subclave ChromaBroadcast. Estas operaciones privilegiadas consisten en la concatenación de nombres de archivo de un archivo de registro de tiempo de ejecución que es usado para almacenar información de registro de tiempo de ejecución. En otras palabras, un atacante puede crear un archivo en un directorio no deseado (con algunas limitaciones)

*Credits: N/A
CVSS Scores
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High
Attack Vector
Local
Attack Complexity
Low
Authentication
None
Confidentiality
None
Integrity
None
Availability
Complete
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2021-04-11 CVE Reserved
  • 2021-04-14 CVE Published
  • 2023-07-07 EPSS Updated
  • 2024-08-03 CVE Updated
  • 2024-08-03 First Exploit
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
CWE
  • CWE-276: Incorrect Default Permissions
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Razer
Search vendor "Razer"
Synapse
Search vendor "Razer" for product "Synapse"
3.5.1030.101917
Search vendor "Razer" for product "Synapse" and version "3.5.1030.101917"
-
Affected