Primary

Context

Wacom WTabletService Unquoted Service Path Vulnerability Allowing Elevated Privileges

Vulnerability

A vulnerability exists in Wacom WTabletService version 6.6.7-3, where an unquoted service path allows local attackers to execute malicious code with elevated privileges. By placing an executable file in the service path, unauthorized code can be executed when the service is restarted or the system is rebooted.

Impact

Exploitation of this vulnerability could lead to unauthorized code execution with elevated privileges.

Reproduction

The vulnerability can be reproduced by inserting an executable file into the unquoted service path of 'WTabletServicePro'. This can be done using a variety of methods to place the executable in the correct location. Once the file is in place, restarting the 'WTabletServicePro' service or rebooting the system will execute the malicious code with elevated privileges.

Added: Feb 5, 2026, 12:20 AM

Updated: Feb 5, 2026, 12:20 AM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

4.2

remediation

0.0

relevance

2.5

threat

6.4

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

4.2

remediation

0.0

relevance

2.5

threat

6.4

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Wacom WTabletService Unquoted Service Path Vulnerability Allowing Elevated Privileges

Vulnerability

Impact

Reproduction

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating