Main Vulnerability Database Vulnerabilities #VU76623

Incorrect Privilege Assignment in Wacom Drivers for Windows - CVE-2023-32162

Published: May 30, 2023

Vulnerability identifier: #VU76623

CSH Severity: Low

CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2023-32162

CWE-ID: CWE-266

Exploitation vector: Local access

Exploit availability: No public exploit available

Vulnerable software:
Wacom Drivers for Windows

Software vendor:
Wacom

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to incorrect permissions when handling the WacomInstallI.txt file by the PrefUtil.exe utility, which leads to security restrictions bypass and privilege escalation.

Remediation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

External links

https://www.zerodayinitiative.com/advisories/ZDI-23-741/

Incorrect Privilege Assignment in Wacom Drivers for Windows - CVE-2023-32162

Description

Remediation

External links

Please verify you're human