CVE-2023-32163 PoC — Wacom driver 后置链接漏洞

Source

https://github.com/LucaBarile/ZDI-CAN-16857

Associated Vulnerability

Title:Wacom driver 后置链接漏洞 (CVE-2023-32163)
Description:Wacom driver是一款用于连接和管理平台电脑的驱动程序。 Wacom Drivers for Windows存在后置链接漏洞，该漏洞源于平板电脑服务中存在特定缺陷，通过创建符号链接，攻击者可以滥用该服务来创建文件，攻击者利用此漏洞可以提升权限并在 SYSTEM 上下文中执行任意代码。

Description

Exploit and report for CVE-2023-32163

Readme

# Exploit for CVE-2023-32163 (ZDI-CAN-16857) [0-day]
<p align="center">
  <img src="POC.gif" title="IGPF loads the barol92 json files locally">
</p>
<hr>
<a href="https://lucabarile.github.io/Blog/ZDI-CAN-16857/index.html" target="_blank" rel="noopener noreferrer">Here</a> you can read my report &#128220;<br>
<a href="https://www.buymeacoffee.com/LucaBarile" target="_blank" rel="noopener noreferrer">Here</a> you can buy me a unicorn &#129412;
<hr>
<h5 align="right">Share the Knowledge!</h5>

File Snapshot


 [4.0K]  /data/pocs/9ff0b29547a18983f61459d8bb1bd578aba7a05b
├── [268K]  Exploit.exe
├── [1.0K]  LICENSE
├── [3.2M]  POC.gif
├── [ 496]  README.md
├── [1.0M]  Visual Studio Project.zip
└── [4.0K]  WacomTablet_6.3.46-1
    ├── [ 16M]  WacomTablet_6.3.46-1.7z.001
    └── [ 12M]  WacomTablet_6.3.46-1.7z.002

1 directory, 7 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!