Description
WavesSysSvc in Waves MAXX Audio allows privilege escalation because the General registry key has Full Control access for the Users group, leading to DLL side loading. This affects WavesSysSvc64.exe 1.9.29.0.
References (1)
Core 1
Core References
Exploit, Third Party Advisory x_refsource_misc
https://versprite.com/blog/security-research/windows-registry/
Scores
CVSS v3
7.3
EPSS
0.0005
EPSS Percentile
14.5%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Details
CWE
CWE-732
Status
published
Products (1)
maxx/waves_maxx_audio
1.9.29.0
Published
Jul 03, 2019
Tracked Since
Feb 18, 2026