Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2023-32163 PoC — Wacom Drivers for Windows Link Following Local Privilege Escalation Vulnerability

Source
https://github.com/LucaBarile/ZDI-CAN-16857
Associated Vulnerability
Title:Wacom Drivers for Windows Link Following Local Privilege Escalation Vulnerability (CVE-2023-32163)
Description:Wacom Drivers for Windows Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Wacom Drivers for Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Tablet Service. By creating a symbolic link, an attacker can abuse the service to create a file. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-16857.
Description
Exploit and report for CVE-2023-32163
Readme
# Exploit for CVE-2023-32163 (ZDI-CAN-16857) [0-day]
<p align="center">
  <img src="POC.gif" title="IGPF loads the barol92 json files locally">
</p>
<hr>
<a href="https://lucabarile.github.io/Blog/ZDI-CAN-16857/index.html" target="_blank" rel="noopener noreferrer">Here</a> you can read my report &#128220;<br>
<a href="https://www.buymeacoffee.com/LucaBarile" target="_blank" rel="noopener noreferrer">Here</a> you can buy me a unicorn &#129412;
<hr>
<h5 align="right">Share the Knowledge!</h5>
File Snapshot

 [4.0K]  /data/pocs/9ff0b29547a18983f61459d8bb1bd578aba7a05b
├── [268K]  Exploit.exe
├── [1.0K]  LICENSE
├── [3.2M]  POC.gif
├── [ 496]  README.md
├── [1.0M]  Visual Studio Project.zip
└── [4.0K]  WacomTablet_6.3.46-1
    ├── [ 16M]  WacomTablet_6.3.46-1.7z.001
    └── [ 12M]  WacomTablet_6.3.46-1.7z.002

1 directory, 7 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →