CVE-2023-27529

HIGH

Wacom Tablet Driver Installer < 6.4.2-1 - Improper Link Resolution Before File Access

Title source: llm

Description

Wacom Tablet Driver installer prior to 6.4.2-1 (for macOS) contains an improper link resolution before file access vulnerability. When a user is tricked to execute a small malicious script before executing the affected version of the installer, arbitrary code may be executed with the root privilege.

References (2)

Core 2

Core References

Third Party Advisory

https://jvn.jp/en/jp/JVN90278893/

Product

https://www.wacom.com/en-us/support/product-support/drivers

Scores

CVSS v3 7.8

EPSS 0.0024

EPSS Percentile 14.6%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

CWE

CWE-59

Status published

Products (1)

wacom/tablet_driver_installer < 6.4.2-1

Published May 25, 2023

Tracked Since Feb 18, 2026