pwning asus driverhub, msi center, acer control centre and razer synapse 4

This technical write-up documents the discovery and exploitation of seven vulnerabilities across consumer “bloatware” utilities (ASUS DriverHub, MSI Center, Acer Control Centre, Razer Synapse, etc.), including RCE and LPE vectors enabled by misconfigured local services (HTTP on localhost, named pipes, COM and RPC), flawed origin and PE-signature checks, and race conditions; the author provides PoCs, reproduction steps, and disclosure timelines with CVE assignments.