Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2023-32162 PoC — Wacom Drivers for Windows Incorrect Permission Assignment Local Privilege Escalation Vulnerability

Source
https://github.com/LucaBarile/ZDI-CAN-16318
Associated Vulnerability
Title:Wacom Drivers for Windows Incorrect Permission Assignment Local Privilege Escalation Vulnerability (CVE-2023-32162)
Description:Wacom Drivers for Windows Incorrect Permission Assignment Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Wacom Drivers for Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of the WacomInstallI.txt file by the PrefUtil.exe utility. The issue results from incorrect permissions on the WacomInstallI.txt file. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-16318.
Description
Exploits and reports for CVE-2023-32162
Readme
# Exploits for CVE-2023-32162 (ZDI-CAN-16318) [0-day]

<p align="center">
  <img src="LPE/POC.gif" title="IGPF loads the barol92 json files locally">
</p>
<hr>
<a href="https://lucabarile.github.io/Blog/ZDI-CAN-16318/lpe/index.html" target="_blank" rel="noopener noreferrer">Here</a> you can find my <b>Local Privilege Escalation Vulnerability</b> report.<br>
<a href="https://lucabarile.github.io/Blog/ZDI-CAN-16318/arb_r/index.html" target="_blank" rel="noopener noreferrer">Here</a> you can find my <b>Arbitrary File Read Vulnerability</b> report.<br>
<a href="https://lucabarile.github.io/Blog/ZDI-CAN-16318/arb_rw/index.html" target="_blank" rel="noopener noreferrer">Here</a> you can find my <b>Arbitrary File Read\Write Vulnerability</b> report.<br>
<hr>
<a href="https://www.buymeacoffee.com/LucaBarile" target="_blank" rel="noopener noreferrer">Here</a> you can buy me a unicorn &#129412;
<hr>
<h5 align="right">Share the Knowledge!</h5>
File Snapshot

 [4.0K]  /data/pocs/4525ec67bfdc34dbe8186bba97b9033fef407754
├── [4.0K]  ARB_R
│   ├── [257K]  Exploit.exe
│   └── [1015K]  Visual Studio Project.zip
├── [4.0K]  ARB_RW
│   ├── [266K]  Exploit.exe
│   └── [1.0M]  Visual Studio Project.zip
├── [1.0K]  LICENSE
├── [4.0K]  LPE
│   ├── [ 12K]  Exploit.exe
│   ├── [3.7M]  POC.gif
│   └── [ 58K]  Visual Studio Project.zip
├── [ 947]  README.md
└── [4.0K]  WacomTablet_6.3.45-1
    ├── [ 15M]  WacomTablet_6.3.45-1.7z.001
    └── [ 13M]  WacomTablet_6.3.45-1.7z.002

4 directories, 11 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →