CVE-2020-16602

moderate-risk
Published 2020-09-02

Razer Chroma SDK Rest Server through 3.12.17 allows remote attackers to execute arbitrary programs because there is a race condition in which a file created under "%PROGRAMDATA%\Razer Chroma\SDK\Apps" can be replaced before it is executed by the server. The attacker must have access to port 54236 for a registration step.

Do I need to act?

!
18.6% chance of exploitation in next 30 days
EPSS score — higher than 81% of all CVEs
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
!
1 public exploit available
49106
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
8
CVSS 8.1/10 High
NETWORK / HIGH complexity

Affected Products (1)

Affected Vendors

Razer

References (8)

Exploit http://packetstormsecurity.com/files/160225/Razer-Chroma-SDK-Server-3.16.02-Race...
Vendor Advisory https://assets.razerzone.com/dev_portal/REST/html/index.html
Third Party Advisory https://www.angelystor.com/2020/09/cve-2020-16602-remote-file-execution-on.html
Third Party Advisory https://www.youtube.com/watch?v=fkESBVhIdIA
Exploit http://packetstormsecurity.com/files/160225/Razer-Chroma-SDK-Server-3.16.02-Race...
Vendor Advisory https://assets.razerzone.com/dev_portal/REST/html/index.html
Third Party Advisory https://www.angelystor.com/2020/09/cve-2020-16602-remote-file-execution-on.html
Third Party Advisory https://www.youtube.com/watch?v=fkESBVhIdIA
49
/ 100
moderate-risk
Severity 24/34 · High
Exploitability 20/34 · Moderate
Exposure 5/34 · Minimal