CVE-2021-30494

Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
14/04/2021
Last modified:
22/04/2021

Description

Multiple system services installed alongside the Razer Synapse 3 software suite perform privileged operations on entries within the Razer Chroma SDK subkey. These privileged operations consist of file name concatenation of a runtime log file that is used to store runtime log information. In other words, an attacker can create a file in an unintended directory (with some limitations).

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:razer:synapse:3.5.1030.101917:*:*:*:*:*:*:*