CVE-2025-9869

Name
CVE-2025-9869
Description
Razer Synapse 3 Macro Module Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Razer Synapse 3. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Razer Synapse Service. By creating a symbolic link, an attacker can abuse the service to delete arbitrary files. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-26374.
NVD Severity
unknown
Other trackers
CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia
Mailing lists
oss-security, full-disclosure, bugtraq
Exploits
Exploit DB, Metasploit
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
x_research-advisory https://www.zerodayinitiative.com/advisories/ZDI-25-919/

Match rules

CPE URI Source package Min version Max version
synapse-3 == 3.10.228.21112 == 3.10.228.21112
cpe:2.3:a:razer:synapse:*:*:*:*:*:*:*:* synapse >= None < 3.10.730.71519

Vulnerable and fixed packages

Source package Branch Version Maintainer Status
synapse edge-community 1.146.0-r0 jahway603 <jahway603@tutanota.de> possibly vulnerable
synapse edge-community 1.145.0-r0 jahway603 <jahway603@tutanota.de> possibly vulnerable
synapse edge-community 1.144.0-r0 jahway603 <jahway603@tutanota.de> possibly vulnerable
synapse edge-community 1.143.0-r0 jahway603 <jahway603@tutanota.de> possibly vulnerable
synapse edge-community 1.142.1-r0 jahway603 <jahway603@tutanota.de> possibly vulnerable
synapse edge-community 1.142.0-r0 jahway603 <jahway603@tutanota.de> possibly vulnerable
synapse edge-community 1.141.0-r0 jahway603 <jahway603@tutanota.de> possibly vulnerable
synapse edge-community 1.140.0-r0 jahway603 <jahway603@tutanota.de> possibly vulnerable
synapse edge-community 1.139.2-r0 jahway603 <jahway603@tutanota.de> possibly vulnerable
synapse edge-community 1.139.0-r0 jahway603 <jahway603@tutanota.de> possibly vulnerable
synapse edge-community 1.138.2-r0 jahway603 <jahway603@tutanota.de> possibly vulnerable
synapse edge-community 1.138.0-r0 jahway603 <jahway603@tutanota.de> possibly vulnerable
synapse edge-community 1.137.0-r0 jahway603 <jahway603@tutanota.de> possibly vulnerable
synapse edge-community 1.136.0-r0 jahway603 <jahway603@tutanota.de> possibly vulnerable
synapse edge-community 1.135.2-r0 jahway603 <jahway603@tutanota.de> possibly vulnerable
synapse edge-community 1.135.1-r0 None possibly vulnerable
synapse edge-community 1.135.0-r0 jahway603 <jahway603@tutanota.de> possibly vulnerable
synapse edge-community 1.134.0-r0 jahway603 <jahway603@tutanota.de> possibly vulnerable
synapse edge-community 1.133.0-r0 jahway603 <jahway603@tutanota.de> possibly vulnerable
synapse edge-community 1.132.0-r0 jahway603 <jahway603@tutanota.de> possibly vulnerable
synapse edge-community 1.131.0-r0 jahway603 <jahway603@tutanota.de> possibly vulnerable
synapse edge-community 1.130.0-r0 jahway603 <jahway603@tutanota.de> possibly vulnerable
synapse edge-community 1.129.0-r0 jahway603 <jahway603@tutanota.de> possibly vulnerable
synapse edge-community 1.128.0-r0 jahway603 <jahway603@protonmail.com> possibly vulnerable
synapse edge-community 1.127.1-r0 jahway603 <jahway603@protonmail.com> possibly vulnerable
synapse edge-community 1.127.0-r0 jahway603 <jahway603@protonmail.com> possibly vulnerable
synapse edge-community 1.126.0-r0 jahway603 <jahway603@protonmail.com> possibly vulnerable
synapse edge-community 1.125.0-r0 jahway603 <jahway603@protonmail.com> possibly vulnerable
synapse edge-community 1.124.0-r0 jahway603 <jahway603@protonmail.com> possibly vulnerable
synapse edge-community 1.123.0-r0 jahway603 <jahway603@protonmail.com> possibly vulnerable
synapse edge-community 1.122.0-r0 jahway603 <jahway603@protonmail.com> possibly vulnerable
synapse edge-community 1.121.1-r0 jahway603 <jahway603@protonmail.com> possibly vulnerable
synapse edge-community 1.120.2-r0 jahway603 <jahway603@protonmail.com> possibly vulnerable
synapse edge-community 1.112.0-r0 Jah Way <jahway603@protonmail.com> possibly vulnerable
synapse edge-community 1.110.0-r0 6543 <6543@obermui.de> possibly vulnerable
synapse edge-community 1.105.1-r0 6543 <6543@obermui.de> possibly vulnerable
synapse edge-community 1.95.1-r0 6543 <6543@obermui.de> possibly vulnerable
synapse edge-community 1.94.0-r0 6543 <6543@obermui.de> possibly vulnerable
synapse edge-community 1.93.0-r0 6543 <6543@obermui.de> possibly vulnerable
synapse edge-community 1.85.1-r0 6543 <6543@obermui.de> possibly vulnerable
synapse edge-community 1.74.0-r0 6543 <6543@obermui.de> possibly vulnerable
synapse edge-community 1.69.0-r0 None possibly vulnerable
synapse edge-community 1.68.0-r0 None possibly vulnerable
synapse edge-community 1.61.1-r0 6543 <6543@obermui.de> possibly vulnerable
synapse edge-community 1.47.1-r0 Leo <thinkabit.ukim@gmail.com> possibly vulnerable
synapse edge-community 1.41.1-r0 Leo <thinkabit.ukim@gmail.com> possibly vulnerable
synapse edge-community 1.33.2-r0 None possibly vulnerable
synapse edge-community 1.30.1-r0 None possibly vulnerable
synapse edge-community 1.24.0-r0 None possibly vulnerable
synapse edge-community 1.21.1-r0 None possibly vulnerable
synapse edge-community 1.20.0-r0 None possibly vulnerable
synapse 3.23-community 1.146.0-r0 jahway603 <jahway603@tutanota.de> possibly vulnerable
synapse 3.23-community 1.145.0-r0 jahway603 <jahway603@tutanota.de> possibly vulnerable
synapse 3.23-community 1.144.0-r0 jahway603 <jahway603@tutanota.de> possibly vulnerable
synapse 3.22-community 1.142.0-r0 jahway603 <jahway603@tutanota.de> possibly vulnerable
synapse 3.22-community 1.141.0-r0 jahway603 <jahway603@tutanota.de> possibly vulnerable
synapse 3.22-community 1.140.0-r0 jahway603 <jahway603@tutanota.de> possibly vulnerable
synapse 3.22-community 1.139.2-r0 jahway603 <jahway603@tutanota.de> possibly vulnerable
synapse 3.22-community 1.139.0-r0 jahway603 <jahway603@tutanota.de> possibly vulnerable
synapse 3.22-community 1.138.2-r0 jahway603 <jahway603@tutanota.de> possibly vulnerable
synapse 3.22-community 1.138.0-r0 jahway603 <jahway603@tutanota.de> possibly vulnerable
synapse 3.22-community 1.137.0-r0 jahway603 <jahway603@tutanota.de> possibly vulnerable
synapse 3.22-community 1.136.0-r0 jahway603 <jahway603@tutanota.de> possibly vulnerable
synapse 3.22-community 1.135.1-r0 None possibly vulnerable
synapse 3.22-community 1.130.0-r0 jahway603 <jahway603@tutanota.de> possibly vulnerable
synapse 3.22-community 1.127.1-r0 None possibly vulnerable
synapse 3.22-community 1.120.2-r0 None possibly vulnerable
synapse 3.22-community 1.112.0-r0 None possibly vulnerable
synapse 3.22-community 1.110.0-r0 None possibly vulnerable
synapse 3.22-community 1.105.1-r0 None possibly vulnerable
synapse 3.22-community 1.95.1-r0 None possibly vulnerable
synapse 3.22-community 1.94.0-r0 None possibly vulnerable
synapse 3.22-community 1.93.0-r0 None possibly vulnerable
synapse 3.22-community 1.85.1-r0 None possibly vulnerable
synapse 3.22-community 1.74.0-r0 None possibly vulnerable
synapse 3.22-community 1.69.0-r0 None possibly vulnerable
synapse 3.22-community 1.68.0-r0 None possibly vulnerable
synapse 3.22-community 1.61.1-r0 None possibly vulnerable
synapse 3.22-community 1.47.1-r0 None possibly vulnerable
synapse 3.22-community 1.41.1-r0 None possibly vulnerable
synapse 3.22-community 1.33.2-r0 None possibly vulnerable
synapse 3.22-community 1.30.1-r0 None possibly vulnerable
synapse 3.22-community 1.24.0-r0 None possibly vulnerable
synapse 3.22-community 1.21.1-r0 None possibly vulnerable
synapse 3.22-community 1.20.0-r0 None possibly vulnerable