PT-2026-5815 · Wacom · Wtabletservice

Published

2026-02-04

Updated

2026-02-05

CVE-2019-25288

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Wacom WTabletService version 6.6.7-3

Description The software contains an unquoted service path issue that allows local attackers to execute malicious code with elevated privileges. An attacker can place an executable file within the service path, leading to the execution of unauthorized code during service restarts or system reboots.

Recommendations Ensure the service path is properly quoted to prevent the execution of unauthorized code.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-428

Related Identifiers

CVE-2019-25288

Affected Products

Wtabletservice

PT-2026-5815 · Wacom · Wtabletservice

CVE-2019-25288

Weakness Enumeration

Related Identifiers

Affected Products

References · 5