← volver
CVE-2020-37160

SprintWork 2.3.1 - Local Privilege Escalation

CVSS 8.5 HIGHEPSS 0.1%CWE-276
SprintWork 2.3.1 contains multiple local privilege escalation vulnerabilities through insecure file, service, and folder permissions on Windows systems. Local unprivileged users can exploit missing executable files and weak service configurations to create a new administrative user and gain complete system access.
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Productos afectados
Veridium · SprintWork

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://veridium.nethttps://veridium.net/sprintwork/https://www.exploit-db.com/exploits/48070https://www.vulncheck.com/advisories/sprintwork-local-privilege-escalation