CVE-2022-43293: 
Wacom Tablet Driver vulnerability analysis and mitigation

Wacom Driver 6.3.46-1 and 6.3.45-1 for Windows contains an arbitrary file write vulnerability via the component \Wacom\WacomTablet.exe. The vulnerability was discovered in July 2022 and was assigned CVE-2022-43293. The affected software includes Wacom Driver versions 6.3.46-1 and 6.3.45-1 for Windows, with older versions potentially affected as well (NVD, [Wacom Release Notes](https://cdn.wacom.com/u/productsupport/drivers/win/professional/releasenotes/Windows6.4.2-1.html)).

The vulnerability exists in the Wacom_Tablet.exe component which runs with SYSTEM privileges when a Wacom device is plugged in or unplugged. The component attempts to download and save an update.xml file to %windir%\Temp\wactemp folder without proper security checks. By creating an NTFS volume mount point at this location before the folder is created, an attacker can exploit link following to achieve arbitrary file write capabilities. The vulnerability has a CVSS v3.1 base score of 5.9 (Medium) with vector string CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H (Security Research Blog, NVD).

When successfully exploited, the vulnerability allows an attacker to write or overwrite arbitrary files with the privileges of the SYSTEM account. This can be leveraged to achieve persistent Windows denial of service by overwriting critical system files like cng.sys, or potentially lead to privilege escalation by overwriting system files (Security Research Blog).

The vulnerability has been fixed in Wacom Driver version 6.4.2-1 released on May 9, 2023. Users are advised to update to this version or later. The update includes security improvements to fix the potential Windows security vulnerability (Wacom Release Notes).