Vulnerability Details CVE-2020-1048
An elevation of privilege vulnerability exists when the Windows Print Spooler service improperly allows arbitrary writing to the file system, aka 'Windows Print Spooler Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1070.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.724
EPSS Ranking 98.7%
CVSS Severity
CVSS v3 Score 7.8
CVSS v2 Score 7.2
References
- http://packetstormsecurity.com/files/158222/Windows-Print-Spooler-Privilege-Escalation.html
- http://packetstormsecurity.com/files/159217/Microsoft-Spooler-Local-Privilege-Elevation.html
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1048
- http://packetstormsecurity.com/files/158222/Windows-Print-Spooler-Privilege-Escalation.html
- http://packetstormsecurity.com/files/159217/Microsoft-Spooler-Local-Privilege-Elevation.html
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1048
Products affected by CVE-2020-1048
-
cpe:2.3:o:microsoft:windows_10:-
-
cpe:2.3:o:microsoft:windows_10:1607
-
cpe:2.3:o:microsoft:windows_10:1709
-
cpe:2.3:o:microsoft:windows_10:1803
-
cpe:2.3:o:microsoft:windows_10:1809
-
cpe:2.3:o:microsoft:windows_10:1903
-
cpe:2.3:o:microsoft:windows_10:1909
-
cpe:2.3:o:microsoft:windows_7:-
-
cpe:2.3:o:microsoft:windows_8.1:-
-
cpe:2.3:o:microsoft:windows_rt_8.1:-
-
cpe:2.3:o:microsoft:windows_server_2008:-
-
cpe:2.3:o:microsoft:windows_server_2008:r2
-
cpe:2.3:o:microsoft:windows_server_2012:-
-
cpe:2.3:o:microsoft:windows_server_2012:r2
-
cpe:2.3:o:microsoft:windows_server_2016:-
-
cpe:2.3:o:microsoft:windows_server_2016:1803
-
cpe:2.3:o:microsoft:windows_server_2016:1903
-
cpe:2.3:o:microsoft:windows_server_2016:1909
-
cpe:2.3:o:microsoft:windows_server_2019:-