Razer Synapse is generally a decent piece of software, and the company makes some of the best gaming mice. However, the software has a new zero-day vulnerability that allows just about anyone to gain admin rights on a computer by simply plugging in a mouse or keyboard.
The vulnerability was first discovered by Security researcher jonhat and posted on Twitter. It was then tested and verified by Bleeping Computer. The publication was able to confirm that the vulnerability does exist.
All you need to do is plug in a razer mouse, dongle, or keyboard. Next, Windows 10 will download and execute RazerInstaller as SYSTEM, which grants full privileges. From there, you can use the elevated Explorer to open Powershell with a keyboard shortcut. Once that’s done, the sky’s the limit in terms of what you can do on the computer.