Vulnerability Spotlight: Multiple vulnerabilities in Wacom Update Helper

Tyler Bohan of Cisco Talos discovered these vulnerabilities.

Executive summary


Cisco Talos is disclosing two privilege escalation vulnerabilities in the Wacom update helper, a utility installed alongside the macOS application for Wacom tablets. The application interacts with the tablet and lets the user manage it. Either vulnerability allows an attacker who already has local access to the machine to raise their privileges to root.

In accordance with our coordinated disclosure policy, Cisco Talos worked with Wacom to ensure that these issues are resolved and that an update is available for affected customers.

Vulnerability details


Wacom update helper tool startProcess privilege escalation vulnerability (TALOS-2018-0760/CVE-2019-5012)

An exploitable privilege escalation vulnerability exists in the startProcess command of the update helper service shipped with Wacom driver version 6.3.32-3. The command takes a user-supplied script argument and executes it under root context, so a local user who can reach the helper can have a script of their choosing run as root. An attacker needs local access to the machine to exploit this.

Read the complete vulnerability advisory here for additional information.

Wacom update helper tool start/stopLaunchDProcess privilege escalation vulnerability (TALOS-2018-0761/CVE-2019-5013)

An exploitable privilege escalation vulnerability exists in the Wacom update helper service in the start/stopLaunchDProcess command. The command takes a user-supplied string argument and executes launchctl under root context. A user with local access can use this ..