CVE-2025-27811
BaseFortify
Publication date: 2025-06-04
Last updated on: 2025-06-09
Assigner: MITRE
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| razer | synapse_4 | to 4.0.86.2502180127 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-269 | The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-27811 is a local privilege escalation vulnerability in Razer Synapse 4, specifically in the razer_elevation_service.exe component. It occurs because this service improperly handles inter-process communication (IPC), allowing a local attacker with limited privileges to send crafted IPC requests that execute arbitrary code with SYSTEM-level privileges. This means an attacker who already has some access to the system can escalate their privileges to gain full control. [1]
How can this vulnerability impact me? :
This vulnerability can allow a local attacker to escalate their privileges to SYSTEM level, effectively gaining full control over the affected system. This can lead to unauthorized access to sensitive data, installation of malicious software, and complete compromise of the system's security. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by checking if the vulnerable version of razer_elevation_service.exe (version 1.1.0.5) is present on the system, specifically within Razer Synapse 4 version 4.0.86.2502180127 or earlier. You can use commands to query the version of the executable, such as on Windows PowerShell: Get-Item 'C:\Program Files\Razer\Synapse\razer_elevation_service.exe' | Select-Object VersionInfo. Additionally, monitoring for unusual IPC requests or suspicious local processes attempting to communicate with razer_elevation_service.exe may help detect exploitation attempts. However, no specific detection commands are provided in the resources. [1]
What immediate steps should I take to mitigate this vulnerability?
The immediate mitigation step is to update the razer_elevation_service.exe component to version 1.1.0.6 or later, which contains the fix for this vulnerability. This typically involves updating Razer Synapse 4 to a version newer than 4.0.86.2502180127. Until the update is applied, restrict local user access to the system to trusted users only, as exploitation requires local access. [1]