CVE-2022-22718

HIGH KEV

Windows Print Spooler - Privilege Escalation

Title source: llm

Exploitation Summary

CVE-2022-22718 is actively exploited and listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, added April 19, 2022. EIP tracks 1 public exploit from researchers including ahmetfurkans.

AI-analyzed exploit summary This repository contains a README describing CVE-2022-22718, a privilege escalation vulnerability in the Windows Print Spooler service. The writeup highlights its addition to CISA's actively exploited list and distinguishes it from related CVEs.

Description

Windows Print Spooler Elevation of Privilege Vulnerability

Exploits (1)

nomisec WRITEUP

by ahmetfurkans · poc

https://github.com/ahmetfurkans/CVE-2022-22718

View Code ZIP pw:eip

This repository contains a README describing CVE-2022-22718, a privilege escalation vulnerability in the Windows Print Spooler service. The writeup highlights its addition to CISA's actively exploited list and distinguishes it from related CVEs.

Classification

Writeup 90%

Attack Type

Lpe

Complexity

Moderate

Reliability

Theoretical

Target: Windows Print Spooler

Auth required

Prerequisites: Local access to a vulnerable Windows system · User-level authentication

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2

Core References

Patch, Vendor Advisory vendor-advisory

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22718

US Government Resource

https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-22718

Scores

CVSS v3 7.8

EPSS 0.1846

EPSS Percentile 96.9%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation active

Automatable no

Technical Impact total

Details

CISA KEV 2022-04-19

VulnCheck KEV 2022-04-19

InTheWild.io 2022-04-19

ENISA EUVD EUVD-2022-27861

Status published

Products (19)

microsoft/windows_10_1507 < 10.0.10240.19204

microsoft/windows_10_1607 < 10.0.14393.4946

microsoft/windows_10_1809 < 10.0.17763.2565

microsoft/windows_10_1909 < 10.0.18363.2094

microsoft/windows_10_20h2 < 10.0.19042.1526

microsoft/windows_10_21h1 < 10.0.19043.1526

microsoft/windows_10_21h2 < 10.0.19044.1526

microsoft/windows_11_21h2 < 10.0.22000.493

microsoft/windows_7

microsoft/windows_8.1

... and 9 more

Published Feb 09, 2022

KEV Added Apr 19, 2022

Tracked Since Feb 18, 2026