CVE-2020-37160

High CVSS: 8.5

SprintWork 2.3.1 contains multiple local privilege escalation vulnerabilities through insecure file, service, and folder permissions on Windows systems. Local unprivileged users can exploit missing executable files and weak service configurations to create a new administrative user and gain complete system access.

Vendor

Product

CWE

CWE-276

Yayın Tarihi

2026-02-07 00:15:56

Güncelleme

2026-02-09 16:08:55

Source Identifier

disclosure@vulncheck.com

KEV Date Added

Kategoriler

CWE-276 HIGH 2026

Referanslar

https://veridium.net https://veridium.net/sprintwork/ https://www.exploit-db.com/exploits/48070 https://www.vulncheck.com/advisories/sprintwork-local-privilege-escalation