CVE-2020-37160

MEDIUM

SprintWork 2.3.1 - Privilege Escalation

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2020-37160. PoCs published by boku.

AI-analyzed exploit summary This exploit demonstrates a local privilege escalation (LPE) in SprintWork 2.3.1 by leveraging insecure file permissions and a missing executable for the 'SP52 AMC' service. A low-privileged user can place a malicious binary in the service directory, which executes as LocalSystem upon reboot.

Description

SprintWork 2.3.1 contains multiple local privilege escalation vulnerabilities through insecure file, service, and folder permissions on Windows systems. Local unprivileged users can exploit missing executable files and weak service configurations to create a new administrative user and gain complete system access.

Exploits (1)

exploitdb WORKING POC

by boku · textlocalwindows

https://www.exploit-db.com/exploits/48070

View Code ZIP pw:eip

This exploit demonstrates a local privilege escalation (LPE) in SprintWork 2.3.1 by leveraging insecure file permissions and a missing executable for the 'SP52 AMC' service. A low-privileged user can place a malicious binary in the service directory, which executes as LocalSystem upon reboot.

Classification

Working Poc 100%

Attack Type

Lpe

Complexity

Trivial

Reliability

Reliable

Target: SprintWork 2.3.1 (x86)

Auth required

Prerequisites: Local user access · SprintWork 2.3.1 installed on Windows 10 (32-bit) · Ability to transfer files to the target system

MITRE ATT&CK

T1548.002 - Bypass User Account Control T1574.001 - DLL

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4

Core References

Exploit, Third Party Advisory exploit

https://www.exploit-db.com/exploits/48070

Various Sources product

https://veridium.net

Various Sources product

https://veridium.net/sprintwork/

Third Party Advisory third-party-advisory

https://www.vulncheck.com/advisories/sprintwork-local-privilege-escalation

Scores

CVSS v3 6.2

EPSS 0.0014

EPSS Percentile 4.1%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment

Exploitation poc

Automatable no

Technical Impact total

Details

CWE

CWE-276

Status published

Products (1)

Veridium/SprintWork 2.3.1

Published Feb 07, 2026

Tracked Since Feb 18, 2026