SteelSeries App Also Vulnerable to Elevation of Privilege on Windows

  • The SteelSeries connectivity and configuration app is also vulnerable to an LPE flaw.
  • The exploit process is similar to that for Razer Synapse, and the result is equally risky.
  • SteelSeries acknowledged the problem and promised to roll out a fixing update soon.

A researcher inspired by the recent privilege elevation finding on the ‘Razer Synapse’ product has decided to take a look at similar software where the same vulnerability could be present. As he has confirmed on Twitter, the SteelSeries app is also affected by a similar issue, and in this case, the attacker wouldn’t even need to use a device from the brand. The user has also released a proof of concept video to demonstrate how trivial the exploitation would be, as long as the attacker has physical access to an unlocked Windows 10 system.

The exploitation involves a similar trick as with Razer, where the attacker would right-click on the installation location selector, opening a Power Shell prompt during the installation of the app, and gaining admin rights to run any code on the shell since the installer and anything opened through it run as NT AUTHORITY\SYSTEM. The difference in the SteelSeries case is that the right click has to be done on the License Agreement step, as the installation of the app is done on a fixed location and doesn’t let the user choose an alternative folder.

If the attacker doesn’t have a SteelSeries mouse, keyboard, or even a headset to use, emulating one using a smartphone does the trick just fine. A script that emulates a SteelSeries Apex keyboard device on Android phones is freely available on GitHub, so that aspect is covered for the attacker.

The researcher stated that he attempted to inform SteelSeries of the bug, but he couldn’t find a channel to report vulnerabilities, so he just published his finding on Twitter. After all, following the Razer finding, it is not only white-hat hackers who are on the look for bugs of this kind, and there’s no time on back n forth communication with automated responses and re-directions.

SteelSeries was quick to respond on the social media platform with the following statement:

We are aware of the issue identified and have proactively disabled the launch of the SteelSeries installer that is triggered when a new SteelSeries device is plugged in. This immediately removes the opportunity for an exploit and we are working on a software update that will address the issue permanently and be released soon.

As such, if you’re using the SteelSeries app, make sure to apply the update as soon as it becomes available. Also, secure your computer from untrustworthy physical access and lock Windows when you’re about to leave your computer unattended in risky places.

REVIEW OVERVIEW

Latest

Why Is Demon Slayer So Popular?

In August 2019, the world suddenly started talking about an anime series that had just released its nineteenth episode. Fast forward to...

F1 Live Stream 2022: How to Watch Formula 1 Without Cable

There's not much time until the 2022 Formula 1 World Championship gets underway - the first race is scheduled for late March,...

Disney+ Announces Basketball Series Inspired By Award-Winning Book The Crossover

Disney Plus announced a new basketball-themed drama series that is set to land on the streaming platform, drawing inspiration from the critically...
For a better user experience we recommend using a more modern browser. We support the latest version of the following browsers: For a better user experience we recommend using the latest version of the following browsers: Chrome, Edge, Firefox, Safari