← Back to CVEs
CVE-2020-37160
MEDIUM6.2
Description
SprintWork 2.3.1 contains multiple local privilege escalation vulnerabilities through insecure file, service, and folder permissions on Windows systems. Local unprivileged users can exploit missing executable files and weak service configurations to create a new administrative user and gain complete system access.
CVE Details
CVSS v3.1 Score6.2
SeverityMEDIUM
CVSS VectorCVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Attack VectorLOCAL
ComplexityLOW
Privileges RequiredNONE
User InteractionNONE
Published2/7/2026
Last Modified2/9/2026
Sourcenvd
Honeypot Sightings0
Weaknesses (CWE)
CWE-276
References
https://veridium.net(disclosure@vulncheck.com)
https://veridium.net/sprintwork/(disclosure@vulncheck.com)
https://www.exploit-db.com/exploits/48070(disclosure@vulncheck.com)
https://www.vulncheck.com/advisories/sprintwork-local-privilege-escalation(disclosure@vulncheck.com)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.