CVE-2022-26791Improper Privilege Management in Microsoft Windows 10 Version 20h2

CWE-269Improper Privilege Management20 documents5 sources
Severity
7.8HIGHNVD
EPSS
0.4%
top 40.13%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
6
Microsoft Windows 10 Version 20h2Microsoft Windows 10 Version 21h1Microsoft Windows 10 Version 21h2+3 more
Timeline
PublishedApr 15
Latest updateMar 12

Description

Windows Print Spooler Elevation of Privilege Vulnerability

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages6 packages

CVEListV5microsoft/windows_10_version_20h210.0.010.0.19042.1645
CVEListV5microsoft/windows_10_version_21h110.0.010.0.19043.1645
CVEListV5microsoft/windows_10_version_21h210.0.19043.010.0.19044.1645
CVEListV5microsoft/windows_server_version_20h210.0.010.0.19042.1645

🔴Vulnerability Details

16
GHSA
GHSA-j4f7-q8hr-jwf3: Windows Print Spooler Elevation of Privilege Vulnerability2022-04-16
GHSA
GHSA-8jfx-95h8-fj8m: Windows Print Spooler Elevation of Privilege Vulnerability2022-04-16
GHSA
GHSA-h8h8-j6q6-6c44: Windows Print Spooler Elevation of Privilege Vulnerability2022-04-16
GHSA
GHSA-4p45-2736-fq3x: Windows Print Spooler Elevation of Privilege Vulnerability2022-04-16
GHSA
GHSA-mgvj-rwrg-mch6: Windows Print Spooler Elevation of Privilege Vulnerability2022-04-16

📋Vendor Advisories

1
Microsoft
Windows Print Spooler Elevation of Privilege Vulnerability2022-04-12

🕵️Threat Intelligence

2
Tenable
Microsoft’s March 2024 Patch Tuesday Addresses 59 CVEs (CVE-2024-21407)2024-03-12
Tenable
Microsoft’s April 2022 Patch Tuesday Addresses 117 CVEs (CVE-2022-24521)2022-04-12
CVE-2022-26791 — Improper Privilege Management | cvebase