mirror of
https://github.com/0xMarcio/cve.git
synced 2026-05-09 02:45:46 +02:00
0xMarcio
1015 B
1015 B
CVE-2019-5013
&color=brighgreen)
Description
An exploitable privilege escalation vulnerability exists in the Wacom, driver version 6.3.32-3, update helper service in the start/stopLaunchDProcess command. The command takes a user-supplied string argument and executes launchctl under root context. A user with local access can use this vulnerability to raise load arbitrary launchD agents. An attacker would need local access to the machine for a successful exploit.
POC
Reference
Github
No PoCs found on GitHub currently.