Vulnerability Details CVE-2017-9769
A specially crafted IOCTL can be issued to the rzpnk.sys driver in Razer Synapse 2.20.15.1104 that is forwarded to ZwOpenProcess allowing a handle to be opened to an arbitrary process.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.786
EPSS Ranking 99.0%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 10.0
References
- http://www.rapid7.com/db/modules/exploit/windows/local/razer_zwopenprocess
- https://warroom.securestate.com/cve-2017-9769/
- https://www.exploit-db.com/exploits/42368/
- http://www.rapid7.com/db/modules/exploit/windows/local/razer_zwopenprocess
- https://warroom.securestate.com/cve-2017-9769/
- https://www.exploit-db.com/exploits/42368/