Lucene search

K
zdiJeongOh Kyea (@kkokkokye) of THEORIZDI-21-019
HistoryJan 14, 2021 - 12:00 a.m.

Microsoft Windows Print Spooler Directory Junction Privilege Escalation Vulnerability

2021-01-1400:00:00
JeongOh Kyea (@kkokkokye) of THEORI
www.zerodayinitiative.com
18

0.0004 Low

EPSS

Percentile

9.7%

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Print Spooler service. By creating a directory junction, an attacker can abuse the Print Spooler service to create a file in an arbitrary location. An attacker can leverage this vulnerability to escalate privileges and execute code in the context of SYSTEM.

0.0004 Low

EPSS

Percentile

9.7%