Lucene search

K
zdiElliot Cao (@iamelli0t) working with Trend Micro's Zero Day InitiativeZDI-21-022
HistoryJan 14, 2021 - 12:00 a.m.

Microsoft Windows splwow64 Untrusted Pointer Dereference Privilege Escalation Vulnerability

2021-01-1400:00:00
Elliot Cao (@iamelli0t) working with Trend Micro's Zero Day Initiative
www.zerodayinitiative.com
26

0.001 Low

EPSS

Percentile

34.7%

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the user-mode printer driver host process splwow64.exe. The issue results from the lack of proper validation of a user-supplied value prior to dereferencing it as a pointer. An attacker can leverage this vulnerability to escalate privileges from low integrity and execute arbitrary code in the context of the current user at medium integrity.