CVE-2020-37160

Sažetak

SprintWork 2.3.1 contains multiple local privilege escalation vulnerabilities through insecure file, service, and folder permissions on Windows systems. Local unprivileged users can exploit missing executable files and weak service configurations to create a new administrative user and gain complete system access.

Reference

https://veridium.net
https://veridium.net/sprintwork/
https://www.exploit-db.com/exploits/48070
https://www.vulncheck.com/advisories/sprintwork-local-privilege-escalation

CVSS

Base:	6.2
Impact:	3.6
Exploitability:	2.5

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
HIGH	NONE	NONE

CVSS vektor

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Zadnje važnije ažuriranje

07-02-2026 - 00:15

Objavljeno

07-02-2026 - 00:15