The 2021 Pwnie Nominee For Best Server-Side Bug

(Another) Print Spooler Vulnerability (CVE-2021-1675)

Researcher Names: Zhipeng Huo, Piotr Madej, Yunhai Zhang

Link: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-1675

The predecessor to PrintNightmare, this CVE covers an undocumented magic flag in the Windows Print Spooler API that allows an attacker to skip all security checks and load arbitrary DLLs in a Print Spooler service process. Microsoft claims it’s an LPE, which would make sense if an LPE implied remote execution of arbitrary code as SYSTEM on the Domain Controller without any user interaction.