CVE-2017-14398

rzpnk.sys in Razer Synapse 2.20.15.1104 allows local users to read and write to arbitrary memory locations, and consequently gain privileges, via a methodology involving a handle to \Device\PhysicalMemory, IOCTL 0x22A064, and ZwMapViewOfSection.
References
Link Resource
https://twitter.com/FuzzySec/status/907722788219256832 Third Party Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:razer:synapse:2.20.15.1104:*:*:*:*:*:*:*

History

No history.

Information

Published : 2017-09-13 08:29

Updated : 2024-02-04 19:29


NVD link : CVE-2017-14398

Mitre link : CVE-2017-14398

CVE.ORG link : CVE-2017-14398


JSON object : View

Products Affected

razer

  • synapse
CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer