CVE-2021-30493

EPSS 0.5%

Vexday Risk Score

3Low

SSVC decision (CISA)

Track

No exploitation signal → monitor

CVSS —EPSS 0.5%KEV nãoPoC —Nuclei —Metasploit —Patch —

Lifecycle

14 Apr 2021Published on NVD

Recommendation: Monitor — no exploitation signal at the moment.

Multiple system services installed alongside the Razer Synapse 3 software suite perform privileged operations on entries within the ChromaBroadcast subkey. These privileged operations consist of file name concatenation of a runtime log file that is used to store runtime log information. In other words, an attacker can create a file in an unintended directory (with some limitations).

Affected products

n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://versprite.com/advisories/razer-synapse-3-cve-2021-30493/https://versprite.com/blog/security-research/razer-synapse-3-security-vulnerability-analysis-report/https://versprite.com/security-resources/