Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An exploitable privilege escalation vulnerability exists in the Wacom, driver version 6.3.32-3, update helper service in the start/stopLaunchDProcess command. The command takes a user-supplied string argument and executes launchctl under root context. A user with local access can use this vulnerability to raise load arbitrary launchD agents. An attacker would need local access to the machine for a successful exploit.
CVSS Information
N/A
Vulnerability Type
参数注入或修改
Vulnerability Title
Wacom driver 参数注入漏洞
Vulnerability Description
Wacom driver是一款用于连接和管理平台电脑的驱动程序。 Wacom driver 6.3.32-3版本中的‘startLaunchDProcess’和‘stopLaunchDProcess’函数存在参数注入漏洞。该漏洞源于外部输入数据构造命令参数的过程中,网络系统或产品未正确过滤参数中的特殊字符。攻击者可利用该漏洞执行非法命令。
CVSS Information
N/A
Vulnerability Type
N/A