Attackers can exploit an open API listener on SteelSeries GG 36.0.0 to create a sub-application that will be executed automatically from a controlled location, because of a path traversal vulnerability.
https://www.akamai.com/blog/security-research/exploit-steelseries-subapp-privilege-escalation