CVE-2020-1337

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Windows Print Spooler (affected versions not specified)

Description An elevation of privilege issue exists due to the Windows Print Spooler service improperly allowing arbitrary writing to the file system. This could enable an attacker to run arbitrary code with elevated system privileges, allowing them to install programs, view, change, or delete data, or create new accounts with full user rights. To exploit this, an attacker would need to log on to an affected system and run a specially crafted script or application.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

LPE

Time Of Check To Time Of Use

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-367CWE-264

Related Identifiers

BDU:2020-04024

CVE-2020-1337

ZDI-20-995

Affected Products

Windows

Windows Print Spooler

CVE-2020-1337

Weakness Enumeration

Related Identifiers

Affected Products

References · 27