Razer laptops shipped in Intel Manufacturing Mode and have full R/W on the SPI flash

Scary to see Razer deals with platform security!

“After trying for a month to get this dealt with via HackerOne, I’m bringing this public. All current Razer laptops are shipped in Intel Manufacturing Mode, and have full R/W on the SPI flash. This is a direct repeat of CVE-2018-4251. This is still not fixed.”

“Hey! Thanks for mentioning us. Our Systems Team would like to check on this. Could you please tell us more about the challenges with your Razer laptop via DM and we’ll take it there.”

This isn’t just a “challenge” with my Razer laptop, but a security vulnerability in _all_ Razer laptops.

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s