CVE-2019-25288

Wacom WTabletService 6.6.7-3 - 'WTabletServicePro' Unquoted Service Path

CVSS 8.5 HIGHEPSS 0.2%CWE-428

Vexday Risk Score

21Baixo

Decisão SSVC (CISA)

Track

Sem sinal de exploração → monitorar

CVSS 8.5EPSS 0.2%KEV nãoPoC —Nuclei —Metasploit —Patch —

Ciclo de vida

04 fev 2026Publicada no NVD

Recomendação: Monitorar — sem sinal de exploração no momento.

Wacom WTabletService 6.6.7-3 contains an unquoted service path vulnerability that allows local attackers to execute malicious code with elevated privileges. Attackers can insert an executable file in the service path to run unauthorized code when the service restarts or the system reboots.

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Produtos afetados

Wacom · Wacom WTabletService

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://www.exploit-db.com/exploits/47593 https://www.vulncheck.com/advisories/wacom-wtabletservice-wtabletservicepro-unquoted-service-path https://www.wacom.com