Now plugging in a keyboard can let you hijack Windows 10 admin rights

Exploit can work even on emulated devices, claim researchers

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

A bug in the official app that helps installSteelSeriesdevices onWindows 10can be exploited to obtain administrator privileges,cybersecurityexperts have found.

The exploit was discovered by offensive security researcher Lawrence Amer, who was encouraged by the zero-day vulnerabilitydiscovered by another security researcherin the plug-and-play installation mechanism ofRazer micethat also helped elevated privileges.

Having wondered if the same can be achieved with other devices,Amer foundthat the plug-and-play installation mechanism of SteelSeries devices was also exploitable.

We’re looking at how our readers use VPNs with streaming sites like Netflix so we can improve our content and offer better advice. This survey won’t take more than 60 seconds of your time, and we’d hugely appreciate if you’d share your experiences with us.

Click here to start the survey in a new window«

“Since the process wrapper of this software is running with SYSTEM privileges, the attacker could abuse the installation path to launch a prompt command with the same permission,” explains Amer as he details the exploit.

Wide repercussions

Detailing the process, Amer notes that he tried a couple of things before he discovered that he could get elevated privileges during the SteelSeries keyboard setup process, using a link in the License Agreement screen that is opened with SYSTEM privileges.

More worryingly,BleepingComputerreports that threat actors can replicate this behaviour even without using a real SteelSeries device, thanks to ascriptwritten by penetration testing researcher István Tóth, which can be used to mimic human interface devices (HID) onAndroid phones.

Designed specifically for testing local privilege escalation attacks, the script can successfully emulate bothRazerand SteelSeries devices.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

After Amer published his research, Tóth posteda video on Twittershowing that the exploit could be replicated on devices virtualized by his script.

For their part, SteelSeries toldBleepingComputerthat it was aware of the research, because of which it has now disabled automatically launching the installer when a device is plugged.

“This immediately removes the opportunity for an exploit and we are working on a software update that will address the issue permanently and be released soon,” said the SteelSeries spokesperson.

ViaBleepingComputer

With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’sTechRadar Pro’sexpert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.

New fanless cooling technology enhances energy efficiency for AI workloads by achieving a 90% reduction in cooling power consumption

Samsung plans record-breaking 400-layer NAND chip that could be key to breaking 200TB barrier for ultra large capacity AI hyperscaler SSDs

NYT Strands today — hints, answers and spangram for Sunday, November 10 (game #252)