CVE-2023-32162

HIGH 7.8

Wacom Drivers for Windows Incorrect Permission Assignment Local Privilege Escalation Vulnerability

CVSS Score

7.8

EPSS Score

0.0%

EPSS Percentile

0th

Wacom Drivers for Windows Incorrect Permission Assignment Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Wacom Drivers for Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of the WacomInstallI.txt file by the PrefUtil.exe utility. The issue results from incorrect permissions on the WacomInstallI.txt file. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-16318.

CWE	CWE-732
Vendor	wacom
Product	drivers for windows
Published	Sep 6, 2023
Last Updated	Sep 26, 2024

Stay Ahead of the Next One

Get instant alerts for wacom drivers for windows

Be the first to know when new high vulnerabilities affecting wacom drivers for windows are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Versions

Wacom / Drivers for Windows

6.3.45

References

NVD ↗ CVE.org ↗ EPSS Data ↗

zerodayinitiative.com: https://www.zerodayinitiative.com/advisories/ZDI-23-741