Privilege Escalation Vulnerability in Wacom Driver by Wacom
CVE-2019-5013

7.1HIGH

Key Information:

Vendor: Wacom
Status: Wacom
Vendor: CVE Published:; 24 October 2019

What is CVE-2019-5013?

A privilege escalation vulnerability in Wacom's driver version 6.3.32-3 enables local users to execute arbitrary commands with elevated permissions. The flaw exists in the update helper service which improperly handles user-supplied string arguments in the start/stopLaunchDProcess command. This vulnerability allows an attacker with local machine access to manipulate launchctl under root context, potentially leading to the execution of malicious launchD agents.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Wacom Wacom macOS - Driver 6.3.32-3

References

https://talosintelligence.com/vulnerability_reports/TALOS...

x_refsource_MISC

CVSS V3.1

Score:

7.1

Severity:

HIGH

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Changed

Timeline

Vulnerability published
Oct 24, 2019
Vulnerability Reserved
Jan 4, 2019

JSON

Wacom

What is CVE-2019-5013?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.