Lucene search
K

15 matches found

Rapid7 Blog
Rapid7 Blog
added 2022/06/09 4:39 p.m.474 views

Announcing Metasploit 6.2

Metasploit 6.2.0 has been released, marking another milestone that includes new modules, features, improvements, and bug fixes. Since Metasploit 6.1.0 August 2021 until the latest Metasploit 6.2.0 release we’ve added: 138 new modules 148 enhancements and features 156 bug fixes Top modules Each...

10CVSS0.99999EPSS
Exploits568
Rapid7 Blog
Rapid7 Blog
added 2022/03/18 5:38 p.m.460 views

Metasploit Weekly Wrap-Up

CVE-2022-21999 - SpoolFool Our very own Shelby Pace has added a new module for the CVE-2022-21999 SpoolFool privilege escalation vulnerability. This escalation vulnerability can be leveraged to achieve code execution as SYSTEM. This new module has successfully been tested on Windows 10 10.0 Build...

7.5CVSS0.5AI score0.99657EPSS
Exploits32
Metasploit
Metasploit
added 2022/03/16 5:42 p.m.533 views

CVE-2022-21999 SpoolFool Privesc

The Windows Print Spooler has a privilege escalation vulnerability that can be leveraged to achieve code execution as SYSTEM. The SpoolDirectory, a configuration setting that holds the path that a printer's spooled jobs are sent to, is writable for all users, and it can be configured via...

7.8CVSS9.3AI score0.41683EPSS
Exploits4
Packet Storm
Packet Storm
added 2022/03/16 12:0 a.m.400 views

Windows SpoolFool Privilege Escalation

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'CVE-2022-21999 SpoolFool Privesc', 'Description' = %q The Windows Print Spooler has a privilege escalation vulnerability that can be leveraged to...

7.8CVSS0.7AI score0.41683EPSS
Exploits4
NVD
NVD
added 2022/02/09 5:15 p.m.26 views

CVE-2022-21999

Windows Print Spooler Elevation of Privilege Vulnerability...

7.8CVSS0.41683EPSS
Exploits4References2
CVE
CVE
added 2022/02/09 4:36 p.m.1236 views

CVE-2022-21999

Technical details about CVE-2022-21999 are not publicly provided in the supplied connected documents. Based on the materials, we cannot specify affected software, root cause, or remediation. Monitor for updates from official advisories and vendor disclosures.

7.8CVSS7.7AI score0.41683EPSS
In wildExploits4References2Affected Software17
Vulnrichment
Vulnrichment
added 2022/02/09 4:36 p.m.16 views

CVE-2022-21999 Windows Print Spooler Elevation of Privilege Vulnerability

...

7.8CVSS7.8AI score0.41683EPSS
Exploits4References1
Circl
Circl
added 2022/02/09 4:0 a.m.11 views

CVE-2022-21999

creationtimestamp| type| source ---|---|--- 2022-02-09 04:00:00+00:00| seen| https://www.govcert.gov.hk/en/alertsdetail.php?id=736 2022-03-16 13:56:13+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/local/cve202221999spoolfoolprivesc.rb 2022-03-25...

7.8CVSS7.2AI score0.41683EPSS
Exploits4References12
Kaspersky
Kaspersky
added 2022/02/08 12:0 a.m.54 views

KLA12458 Multiple vulnerabilities in Microsoft Products (ESU)

Multiple vulnerabilities were found in Microsoft Products Extended Security Update. Malicious users can exploit these vulnerabilities to gain privileges, obtain sensitive information, cause denial of service. Below is a complete list of vulnerabilities: 1. An elevation of privilege vulnerability ...

7.8CVSS8.2AI score0.43618EPSS
Exploits4References28
Tenable Nessus
Tenable Nessus
added 2022/02/08 12:0 a.m.282 views

KB5010351: Windows 10 version 1809 / Windows Server 2019 Security Update (February 2022)

The remote Windows host is missing security update 5010351. It is, therefore, affected by multiple vulnerabilities %NASLMINLEVEL 70300 C Tenable, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid157432; scriptversion"1.17";...

9.3CVSS7.9AI score0.53655EPSS
Exploits4References21
Tenable Nessus
Tenable Nessus
added 2022/02/08 12:0 a.m.73 views

KB5010422: Windows 7 and Windows Server 2008 R2 Security Update (February 2022)

The remote Windows host is missing security update 5010422. It is, therefore, affected by multiple vulnerabilities - An information disclosure vulnerability. An attacker can exploit this to disclose potentially sensitive information. CVE-2022-21998 - A denial of service DoS vulnerability. An...

7.8CVSS8AI score0.43618EPSS
Exploits4References12
Tenable Nessus
Tenable Nessus
added 2022/02/08 12:0 a.m.105 views

KB5010403: Windows Server 2008 Security Update (February 2022)

The remote Windows host is missing security update 5010403. It is, therefore, affected by multiple vulnerabilities - An information disclosure vulnerability. An attacker can exploit this to disclose potentially sensitive information. CVE-2022-21993, CVE-2022-21998 - A denial of service DoS...

7.8CVSS8AI score0.43618EPSS
Exploits4References15
Tenable Nessus
Tenable Nessus
added 2022/02/08 12:0 a.m.196 views

KB5010392: Windows Server 2012 Security Update (February 2022)

The remote Windows host is missing security update 5010412. It is, therefore, affected by multiple vulnerabilities - An information disclosure vulnerability. An attacker can exploit this to disclose potentially sensitive information. CVE-2022-21993, CVE-2022-21998 - A denial of service DoS...

7.8CVSS8AI score0.43618EPSS
Exploits4References15
Tenable Nessus
Tenable Nessus
added 2022/02/08 12:0 a.m.107 views

KB5010345: Windows 10 version 1909 Security Update (February 2022)

The remote Windows host is missing security update 5010345. It is, therefore, affected by multiple vulnerabilities - An information disclosure vulnerability. An attacker can exploit this to disclose potentially sensitive information. CVE-2022-21993, CVE-2022-21998 - A denial of service DoS...

9.3CVSS8AI score0.53655EPSS
Exploits4References22
Tenable Nessus
Tenable Nessus
added 2022/02/08 12:0 a.m.112 views

KB5010358: Windows 10 LTS 1507 Security Update (February 2022)

The remote Windows host is missing security update 5010358. It is, therefore, affected by multiple vulnerabilities - An information disclosure vulnerability. An attacker can exploit this to disclose potentially sensitive information. CVE-2022-21993, CVE-2022-21998 - A denial of service DoS...

7.9CVSS8AI score0.43618EPSS
Exploits4References15
Rows per page
Query Builder