CVE-2021-1675

high

Description

Windows Print Spooler Remote Code Execution Vulnerability

From the Tenable Blog

CVE-2021-1675: Proof-of-Concept Leaked for Critical Windows Print Spooler Vulnerability

Published: 2021-06-29

Researchers published and deleted proof-of-concept code for a remote code execution vulnerability in Windows Print Spooler, called PrintNightmare, though the PoC is likely still available. Update July 2: The Background, Analysis and Solution sections have been updated with new information for CVE-2021-34527 issued by Microsoft on July 1. No patch has yet been released for the new CVE, but additional information and mitigation options are offered in the advisory.

References

https://www.tenable.com/blog/from-bugs-to-breaches-25-significant-cves-as-mitre-cve-turns-25

https://www.tenable.com/cyber-exposure/a-look-inside-the-ransomware-ecosystem

https://www.cisa.gov/news-events/cybersecurity-advisories/aa22-117a

https://www.tenable.com/blog/contileaks-chats-reveal-over-30-vulnerabilities-used-by-conti-ransomware-affiliates

https://www.tenable.com/cyber-exposure/2021-threat-landscape-retrospective

https://www.tenable.com/blog/microsoft-s-september-2021-patch-tuesday-addresses-60-cves-cve-2021-40444

https://www.bleepingcomputer.com/news/security/translated-conti-ransomware-playbook-gives-insight-into-attacks/

https://www.tenable.com/blog/the-printnightmare-continues-another-zero-day-in-print-spooler-awaits-patch-cve-2021-36958

https://therecord.media/printnightmare-vulnerability-weaponized-by-magniber-ransomware-gang

https://www.tenable.com/blog/microsoft-s-august-2021-patch-tuesday-addresses-44-cves-cve-2021-26424-cve-2021-36948

https://www.tenable.com/blog/cve-2021-1675-proof-of-concept-leaked-for-critical-windows-print-spooler-vulnerability

https://www.kb.cert.org/vuls/id/383432

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1675

http://packetstormsecurity.com/files/167261/Print-Spooler-Remote-DLL-Injection.html

http://packetstormsecurity.com/files/163351/PrintNightmare-Windows-Spooler-Service-Remote-Code-Execution.html

http://packetstormsecurity.com/files/163349/Microsoft-PrintNightmare-Proof-Of-Concept.html

Details

Source: Mitre, NVD

Published: 2021-06-08

Updated: 2024-07-29

Risk Information

CVSS v2

Base Score: 9.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 7.8

Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Severity: High