CVE-2020-16602

HIGH

Razer Chroma SDK < 3.12.17 - Remote Code Execution via Race Condition in App Registration

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2020-16602. PoCs published by Loke Hui Yi.

AI-analyzed exploit summary This exploit leverages a race condition in Razer Chroma SDK Server to achieve remote file execution by registering a malicious application and exploiting writable directories. The PoC demonstrates the vulnerability by sending crafted requests to the Chroma SDK server.

Description

Razer Chroma SDK Rest Server through 3.12.17 allows remote attackers to execute arbitrary programs because there is a race condition in which a file created under "%PROGRAMDATA%\Razer Chroma\SDK\Apps" can be replaced before it is executed by the server. The attacker must have access to port 54236 for a registration step.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Loke Hui Yi · pythonremotewindows
https://www.exploit-db.com/exploits/49106

This exploit leverages a race condition in Razer Chroma SDK Server to achieve remote file execution by registering a malicious application and exploiting writable directories. The PoC demonstrates the vulnerability by sending crafted requests to the Chroma SDK server.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Racy
Target: Razer Chroma SDK Server <= v3.12.17
No auth needed
Prerequisites: Write access to the ProgramData folder · Network access to the Chroma SDK server
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4
Core References
Third Party Advisory x_refsource_misc
https://www.youtube.com/watch?v=fkESBVhIdIA

Scores

CVSS v3 8.1
EPSS 0.0599
EPSS Percentile 92.4%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-362
Status published
Products (1)
razer/chroma_sdk < 3.12.17
Published Sep 02, 2020
Tracked Since Feb 18, 2026