![]() ![]() To create a spoofing scenario (like the one you outlined), a malicious party would first need to obtain the private key from the root certificate, then create a new certificate to leverage the chain of trust. ' The root certificate is bound to the identity of the user’s machine so any browser would reject it as insecure if it were copied and used to identify a website by any party. Razer has issued the following statement downplaying the risk of the patched release's per-machine certificate outlined by the original security researcher. Razer has not commented publicly on the vulnerability. If no error appears in the browser, the certificate needs to be removed either by finding the ' Razer Chroma SDK' certificate in the Trusted Root Certification Authorities store or by upgrading to the latest release of Synapse - uninstalling the software, meanwhile, may leave the certificate behind. The researcher notes, however, that it's only partially resolved: ' These versions still install a root certificate with private key - and are thus able to MITM local TLS network traffic and undermine other local cryptographic operations - but the certificate is now generated per-install.'Ĭoncerned Razer Synapse users can visit in a browser which relies on the Windows certificate store - such as Chrome or Edge - to confirm whether they have the shared root certificate installed. While Razer has not engaged directly with the researcher, it has confirmed through bug bounty platform HackerOne that the certificate has been switched out as of Chroma SDK Core 3.4.3 - the currently-shipping version. Additionally, since Razer Synapse 3/Chroma SDK come pre-installed on many Razer products - such as the Stealth and Blade laptops - many of these consumer laptops came shipped with this root certificate already installed, and are vulnerable out of the box.' ' This key is extractable on Windows hosts, and can subsequently be used to launch SSL/MITM attacks against other Razer Synapse users. This component installs a root certificate - with the private key - which is the same across installs,' the researcher explains in a public notification to the Full Disclosure mailing list. ' On Windows, Razer Synapse 3 installs an optional component - the Razer Chroma SDK - by default. Unfortunately, a security researcher who has chosen to remain anonymous has discovered a serious flaw in the software: The installation of a root security certificate, complete with private key, which can be extracted and used to attack any other system with the Synapse software installed. ![]() The software side of Razer's gaming peripheral and RGB lighting ecosystem, Synapse is a must-install tool for managing its various products. An anonymous security researcher has warned of a security certificate vulnerability in Razer's Synapse software, partially resolved in a recent update but still giving the company the ability to perform man-in-the-middle (MITM) attacks on customers' encrypted network traffic at will. ![]()
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |