CVE-2022-41073
HIGH KEV RANSOMWAREWindows Print Spooler - Privilege Escalation
Title source: llmExploitation Summary
CVE-2022-41073 is actively exploited and listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, added November 8, 2022, with confirmed use in ransomware campaigns.
Description
Windows Print Spooler Elevation of Privilege Vulnerability
References (3)
Core 3
Core References
Third Party Advisory, VDB Entry
http://packetstormsecurity.com/files/174528/Microsoft-Windows-Privilege-Escalation.html
US Government Resource
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-41073
Patch, Vendor Advisory vendor-advisory
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41073
Scores
CVSS v3
7.8
EPSS
0.0234
EPSS Percentile
85.3%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
active
Automatable
no
Technical Impact
total
Details
CISA KEV
2022-11-08
VulnCheck KEV
2022-11-08
InTheWild.io
2022-11-08
ENISA EUVD
EUVD-2022-44317
Ransomware Use
Confirmed
CWE
CWE-787
Status
published
Products (18)
microsoft/windows_10_1507
< 10.0.10240.19567
microsoft/windows_10_1607
< 10.0.14393.5501
microsoft/windows_10_1809
< 10.0.17763.3650
microsoft/windows_10_20h2
< 10.0.19042.2251
microsoft/windows_10_21h1
< 10.0.19043.2251
microsoft/windows_10_21h2
< 10.0.19044.2251
microsoft/windows_10_22h2
< 10.0.19045.2251
microsoft/windows_11_21h2
< 10.0.22000.1219
microsoft/windows_11_22h2
< 10.0.22621.819
microsoft/windows_7
... and 8 more
Published
Nov 09, 2022
KEV Added
Nov 08, 2022
Tracked Since
Feb 18, 2026