Exploit for #VU34127 Permissions, Privileges, and Access Controls in Windows and Windows Server

Exploit for #VU34127 Permissions, Privileges, and Access Controls in Windows and Windows Server

Published: 2020-08-21 | Updated: 2021-04-06

Vulnerability identifier: #VU34127

Vulnerability risk: Low

CVSSv3.1: 8.2 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:F/RL:O/RC:C]

CVE-ID: CVE-2020-1337

CWE-ID: CWE-264

Exploitation vector: Local

Exploits in database: 5

April 6, 2021
- cve-2020-1337-poc () [Github]
January 15, 2021
- Microsoft Spooler Local Privilege Elevation Vulnerability [Metasploit]
November 11, 2020
- Microsoft Windows Local Spooler Bypass [Packet Storm]
August 21, 2020
- cve-2020-1337-poc (poc for CVE-2020-1337 (Windows Print Spooler Elevation of Privilege)) [Github]
- CVE-2020-1337 (CVE-2020-1048 bypass: binary planting PoC) [Github]

Impact: Code execution

Vulnerable software:
Windows
Operating systems & Components / Operating system
Windows Server
Operating systems & Components / Operating system

Vendor: Microsoft