Primary

Context

Razer Synapse 4 Local Privilege Escalation Vulnerability

Vulnerability

Patched

A local privilege escalation vulnerability has been identified in Razer Synapse 4, specifically in the component 'razer_elevation_service.exe', version 4.0.86.2502180127. This vulnerability allows local attackers with limited privileges to escalate their rights by exploiting a flawed COM interface in the service. The issue arises from improper handling of inter-process communication, enabling the execution of arbitrary code with SYSTEM-level privileges.

Impact

Exploitation of this vulnerability allows for local privilege escalation, enabling attackers to execute code with elevated SYSTEM privileges.

Remediation

Users can update to Razer Synapse 4 version 4.0.86.2502180127 to address this vulnerability. The issue has been fixed in component version 1.1.0.6.

Added: Sep 1, 2025, 7:22 PM

Updated: Sep 1, 2025, 7:22 PM

Vulnerability Rating

Custom Algorithm

spread

6.6

impact

7.5

exploitability

4.6

remediation

7.7

relevance

0.0

threat

6.4

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

6.6

impact

7.5

exploitability

4.6

remediation

7.7

relevance

0.0

threat

6.4

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Razer Synapse 4 Local Privilege Escalation Vulnerability

Vulnerability

Impact

Remediation

Affected Products

Razer Synapse 4

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating