CVE-2023-27529

Summary

Wacom Tablet Driver installer prior to 6.4.2-1 (for macOS) contains an improper link resolution before file access vulnerability. When a user is tricked to execute a small malicious script before executing the affected version of the installer, arbitrary code may be executed with the root privilege.

Affected Software

VendorProductVersion RangeStatus
WacomWacom Tablet Driver installerprior to 6.4.2-1 (for macOS)affected

Weaknesses

  • Improper link resolution before file access ('Link Following')

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References