Recently, a bug was discovered in Razer Synapse software that let anyone with physical access to a machine gain admin-level privileges. Now a similar bug has been found in SteelSeries software: anyone who plugs a SteelSeries device into a Windows 10 PC can obtain SYSTEM privileges, which go beyond those of a local administrator.
SteelSeries is Following Razer
Security researcher Lawrence Amer decided to investigate after the Razer vulnerability popped up. He found that the SteelSeries installer, which Windows launches with SYSTEM privileges during device setup, shows a License Agreement screen containing a link. Clicking that link opens a browser that inherits the installer's SYSTEM privileges, which is enough to take full control of the Windows 10 machine.
The link opened in Internet Explorer. From there it was as simple as saving the web page, which brings up a Save As file dialog running as SYSTEM, and launching a Command Prompt from that dialog's right-click menu. The resulting prompt runs with SYSTEM privileges, so an attacker can move around the PC and do anything an administrator can do.
This applies to all sorts of SteelSeries peripherals such as mice, keyboards, headsets, and so on.
You don't even need a real device: researcher István Tóth published a video of a method that emulates a SteelSeries or Razer device, letting you trigger the installation process without owning any of the affected hardware.
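The chain described above leaves a distinctive trace in process-creation telemetry: a browser running as SYSTEM, spawned by an installer, with a shell spawned in turn from the browser's file dialog. The following is an added detection example, not code from SteelSeries, Razer or the researchers named here. It runs two rules over Sysmon Event ID 1 style records; the records, PIDs and the installer file name `vendor-installer.exe` are constructed placeholders, not the real installer's name.

```python
"""Hunt for the SYSTEM-installer -> browser -> shell chain in process-creation
telemetry (Sysmon Event ID 1 style). Added example; the sample events below are
constructed and the image paths are placeholders, not real artifact names."""
from dataclasses import dataclass

BROWSERS = {"iexplore.exe", "msedge.exe", "chrome.exe", "firefox.exe"}
SHELLS = {"cmd.exe", "powershell.exe", "pwsh.exe", "explorer.exe"}
SYSTEM_USERS = {"nt authority\\system", "system"}
SYSTEM = "NT AUTHORITY\\SYSTEM"


@dataclass(frozen=True)
class ProcEvent:
    pid: int
    ppid: int
    image: str   # full path of the newly created process
    user: str    # account the process runs as


def basename(path: str) -> str:
    """Lower-cased file name of a Windows or POSIX style path."""
    return path.replace("/", "\\").rsplit("\\", 1)[-1].lower()


def index_by_pid(events):
    return {e.pid: e for e in events}


def lineage(by_pid, pid, max_depth=32):
    """Image basenames from `pid` up to its oldest ancestor present in the index.
    Bounded and cycle-safe because Windows reuses PIDs."""
    chain, seen = [], set()
    cur = by_pid.get(pid)
    while cur is not None and cur.pid not in seen and len(chain) < max_depth:
        seen.add(cur.pid)
        chain.append(basename(cur.image))
        cur = by_pid.get(cur.ppid)
    return chain


def find_suspicious(events):
    """Two rules:
    1. browser_as_system: a browser running as SYSTEM. On a workstation this has
       no legitimate reason; here it is the installer's License Agreement link.
    2. system_shell_from_browser: a SYSTEM shell or explorer whose ancestry
       contains a browser, i.e. the Save As dialog was used to start a prompt.
       SYSTEM shells on their own are routine (services, scheduled tasks), so
       the browser ancestor is what makes the finding worth an alert."""
    by_pid = index_by_pid(events)
    findings = []
    for e in events:
        name = basename(e.image)
        is_system = e.user.lower() in SYSTEM_USERS
        if name in BROWSERS and is_system:
            findings.append({"rule": "browser_as_system", "pid": e.pid,
                             "lineage": lineage(by_pid, e.pid)})
        if name in SHELLS and is_system:
            chain = lineage(by_pid, e.pid)
            if any(ancestor in BROWSERS for ancestor in chain[1:]):
                findings.append({"rule": "system_shell_from_browser",
                                 "pid": e.pid, "lineage": chain})
    return findings


# Constructed sample telemetry (PIDs and paths are illustrative placeholders).
SAMPLE_EVENTS = [
    ProcEvent(700, 600, r"C:\Windows\System32\svchost.exe", SYSTEM),
    # device setup launches the vendor installer as SYSTEM
    ProcEvent(1500, 700, r"C:\Windows\Temp\vendor-installer.exe", SYSTEM),
    # the installer's EULA link opens Internet Explorer, still as SYSTEM
    ProcEvent(1600, 1500, r"C:\Program Files\Internet Explorer\iexplore.exe", SYSTEM),
    # Save As dialog -> right-click menu -> command prompt
    ProcEvent(1700, 1600, r"C:\Windows\System32\cmd.exe", SYSTEM),
    # benign: a user's own browser session and a service-launched SYSTEM shell
    ProcEvent(2000, 1900, r"C:\Program Files\Internet Explorer\iexplore.exe", "DESKTOP\\alice"),
    ProcEvent(2200, 700, r"C:\Windows\System32\cmd.exe", SYSTEM),
]

if __name__ == "__main__":
    for f in find_suspicious(SAMPLE_EVENTS):
        print(f["rule"], f["pid"], " <- ".join(f["lineage"]))
```

Against the sample the two benign records produce nothing: the user's browser is not SYSTEM, and the service-launched cmd.exe has no browser in its ancestry. The same two rules apply unchanged to the emulated-device variant, since emulation only changes how the installer is triggered, not the process tree it produces.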
Is SteelSeries Addressing the Problem?
A SteelSeries spokesperson told BleepingComputer: “We are aware of the issue identified and have proactively disabled the launch of the SteelSeries installer that is triggered when a new SteelSeries device is plugged in. This immediately removes the opportunity for an exploit and we are working on a software update that will address the issue permanently and be released soon.”
So, for the time being, SteelSeries has closed the automatic trigger. However, according to Amer, the fix is incomplete: disabling the server-side trigger does nothing about copies of the vulnerable installer already on disk, and since that executable is still validly signed, one could save it in the temporary folder and still run it when plugging in a SteelSeries device (or emulating one).