CVE-2019-5012

Name of the Vulnerable Software and Affected Versions Wacom driver version 6.3.32-3

Description A privilege escalation issue exists in the update helper service, specifically in the startProcess command. This command executes a user-supplied script under root context, allowing a local user to elevate their privileges to root. The exploitation of this issue requires local access to the machine.

Recommendations For Wacom driver version 6.3.32-3, as a temporary workaround, consider disabling the startProcess command in the update helper service until a patch is available. Restrict local access to the machine to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.