Talos’ security researchers have discovered two security flaws in the Wacom update helper that could be exploited to elevate privileges on a vulnerable system.
The update helper tool is being installed alongside the macOS application for Wacom tablets. Designed for interaction with the tablet, the application can be managed by the user.
What the security researchers have discovered is that an attacker with local access could exploit these vulnerabilities to leverage their privileges to root.
Tracked as CVE-2019-5012 and featuring a CVSS score of 7.8, the first bug was found in the Wacom, driver version 6.3.32-3, update helper service in the startProcess command.
The command, Talos explains, takes a user-supplied script argument and executes it under root context. This could allow a user with local access to raise their privileges to root.
The second security flaw is tracked as CVE-2019-5013 and features a CVSS score of 7.1. It was found in the Wacom update helper service in the start/stopLaunchDProcess command.
“The command takes a user-supplied string argument and executes launchctl under root context. A user with local access can use this vulnerability to raise load arbitrary launchD agents,” Talos reveals.
Attackers looking to target these vulnerabilities would need local access to a vulnerable machine for successful exploitation.
According to the security researchers, Wacom driver on macOS, versions 126.96.36.199 and 188.8.131.52 are affected by these vulnerabilities.
Wacom has already released version 6.3.34, which addresses these bugs.
Source: infosec island