Known Vulnerabilities for products from Razer
Listed below are 16 of the newest known vulnerabilities associated with the vendor "Razer".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2023-3514 | Improper Privilege Control in RazerCentralSerivce Named Pipe in Razer RazerCentral <=7.11.0.558 on Windows allows a malicious... | 7.8 - HIGH | 2023-07-14 | 2023-07-27 |
| CVE-2023-3513 | Improper Privilege Control in RazerCentralSerivce Named Pipe in Razer RazerCentral <=7.11.0.558 on Windows allows a malicious... | 7.8 - HIGH | 2023-07-14 | 2023-07-27 |
| CVE-2022-47632 | Razer Synapse before 3.7.0830.081906 allows privilege escalation due to an unsafe installation path, improper privilege manag... | 6.8 - MEDIUM | 2023-01-27 | 2023-09-18 |
| CVE-2022-47631 | Razer Synapse through 3.7.1209.121307 allows privilege escalation due to an unsafe installation path and improper privilege m... | 7 - HIGH | 2023-09-14 | 2023-09-19 |
| CVE-2022-45697 | Arbitrary File Delete vulnerability in Razer Central before v7.8.0.381 when handling files in the Accounts directory. | 7.8 - HIGH | 2023-02-27 | 2023-03-06 |
| CVE-2022-29014 | A local file inclusion vulnerability in Razer Sila Gaming Router v2.0.441_api-2.0.418 allows attackers to read arbitrary file... | 7.5 - HIGH | 2022-06-09 | 2022-06-17 |
| CVE-2022-29013 | A command injection in the command parameter of Razer Sila Gaming Router v2.0.441_api-2.0.418 allows attackers to execute arb... | 9.8 - CRITICAL | 2022-06-09 | 2023-08-08 |
| CVE-2021-44226 | Razer Synapse before 3.7.0228.022817 allows privilege escalation because it relies on %PROGRAMDATA%\Razer\Synapse3\Service\bi... | 7.3 - HIGH | 2022-03-23 | 2023-09-18 |
| CVE-2021-30494 | Multiple system services installed alongside the Razer Synapse 3 software suite perform privileged operations on entries with... | 5.5 - MEDIUM | 2021-04-14 | 2021-04-22 |
| CVE-2021-30493 | Multiple system services installed alongside the Razer Synapse 3 software suite perform privileged operations on entries with... | 5.5 - MEDIUM | 2021-04-14 | 2021-04-22 |
| CVE-2020-16602 | Razer Chroma SDK Rest Server through 3.12.17 allows remote attackers to execute arbitrary programs because there is a race co... | 8.1 - HIGH | 2020-09-02 | 2022-12-03 |
| CVE-2019-13142 | The RzSurroundVADStreamingService (RzSurroundVADStreamingService.exe) in Razer Surround 1.1.63.0 runs as the SYSTEM user usin... | 5.5 - MEDIUM | 2019-07-09 | 2020-08-24 |
| CVE-2017-14398 | rzpnk.sys in Razer Synapse 2.20.15.1104 allows local users to read and write to arbitrary memory locations, and consequently ... | 7.8 - HIGH | 2017-09-13 | 2020-05-20 |
| CVE-2017-11653 | Razer Synapse 2.20.15.1104 and earlier uses weak permissions for the Devices directory, which allows local users to gain priv... | 7.8 - HIGH | 2017-08-18 | 2021-08-12 |
| CVE-2017-11652 | Razer Synapse 2.20.15.1104 and earlier uses weak permissions for the CrashReporter directory, which allows local users to gai... | 8.4 - HIGH | 2017-08-18 | 2021-08-12 |
| CVE-2017-9769 | A specially crafted IOCTL can be issued to the rzpnk.sys driver in Razer Synapse 2.20.15.1104 that is forwarded to ZwOpenProc... | 9.8 - CRITICAL | 2017-08-02 | 2020-05-28 |
Known software with vulnerabilities from Razer
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Razer | Chroma Sdk | - |
| Application | Razer | Surround | 1.1.63.0 |
| Application | Razer | Synapse | 2.20.15.1104 |