CVE-2019-0880
CVE-2019-0880
In short
A flaw in splwow64.exe (a Windows print-related tool) allows a local user to gain higher system privileges than they should have. An attacker with basic access to the computer can exploit this to take control of it.
Technical detail
Local elevation of privilege vulnerability in splwow64.exe due to improper handling of specific function calls. Attack vector is local; requires user-level access on the target system. Successful exploitation grants attacker SYSTEM-level privileges, enabling arbitrary code execution and full system compromise.
Summary generated and translated by AI from the official description.
A local elevation of privilege vulnerability exists in how splwow64.exe handles certain calls, aka 'Microsoft splwow64 Elevation of Privilege Vulnerability'.
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected products
Microsoft · WindowsMicrosoft · Windows 10 Version 1903 for 32-bit SystemsMicrosoft · Windows 10 Version 1903 for ARM64-based SystemsMicrosoft · Windows 10 Version 1903 for x64-based SystemsMicrosoft · Windows ServerMicrosoft · Windows Server, version 1903 (Server Core installation)Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →