CVE-2019-13208

HIGH

Waves MAXX Audio 1.9.29.0 - Privilege Escalation via Registry Key Permission

Title source: llm
STIX 2.1

Description

WavesSysSvc in Waves MAXX Audio allows privilege escalation because the General registry key has Full Control access for the Users group, leading to DLL side loading. This affects WavesSysSvc64.exe 1.9.29.0.

References (1)

Core 1
Core References
Exploit, Third Party Advisory x_refsource_misc
https://versprite.com/blog/security-research/windows-registry/

Scores

CVSS v3 7.3
EPSS 0.0042
EPSS Percentile 33.7%
Attack Vector LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

Details

CWE
CWE-732
Status published
Products (1)
maxx/waves_maxx_audio 1.9.29.0
Published Jul 03, 2019
Tracked Since Feb 18, 2026