Recently, a bug was discovered in the Razer Synapse software granting unauthorized administrator access. Now, a similar bug was found in the SteelSeries software that gives anyone connecting a device complete control over a Windows 10 PC with administrator rights.
SteelSeries follows Razer
The security researcher Lawrence Amer decided to investigate after the Razer vulnerability surfaced. They discovered that there was a link on the License Agreement screen that opens with SYSTEM privileges during the device setup process, granting full access to a Windows 10 machine as administrator.
Amer opened the link in Internet Explorer. Once there, it was as simple as saving a web page and launching an elevated Command Prompt from the context menu. From there, you can operate on the PC with elevated privileges and do whatever an administrator can do.
This applies to all types of SteelSeries peripherals such as mice, keyboards, headphones, etc.
You don’t even need a real device, as a method posted in a video by researcher István Tóth emulates a SteelSeries or Razer device and allows you to start the installation process without connecting any hardware.
Is SteelSeries addressing the problem?
A SteelSeries spokesperson spoke with BleepingComputer. They said, “We are aware of the identified issue and have proactively disabled the SteelSeries installer release that kicks in when a new SteelSeries appliance is plugged in. This immediately eliminates the opportunity for an exploit and we are working on a software update that will address the issue permanently and will be released soon.”
So for the moment, it appears that SteelSeries has avoided the exploit. However, according to Amer, one could save the vulnerable signed executable in the temporary folder and still run it when connecting a SteelSeries device (or emulating one).