CVE-2017-9769
CVE-2017-9769
Vexday Risk Score
60Attention
SSVC decision (CISA)
Attend
PoC available → attend closely
Exploit maturity
Functional exploit
Popular PoC on GitHub (14 stars) — exploitation code widely available.
CVSS —EPSS 85.5%KEV nãoPoC públicaNuclei —Metasploit simPatch —
Lifecycle
22 Mar 2017Metasploit module available
24 Jul 2017Public PoC
02 Aug 2017Published on NVD
Recommendation: Plan a near-term fix — a public PoC already exists.
A specially crafted IOCTL can be issued to the rzpnk.sys driver in Razer Synapse 2.20.15.1104 that is forwarded to ZwOpenProcess allowing a handle to be opened to an arbitrary process.
Affected products
n/a · n/apublic PoCs found — 3
githubgithub.com/kkent030315/CVE-2017-9769★ 14cve_referencewww.exploit-db.com/exploits/42368/unverifiedexploitdbwww.exploit-db.com/exploits/42368unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.