The 2021 Pwnie Nominee For Best Server-Side Bug

PrintNightmare (CVE-2021-34527)

Researcher Names: Security Research Team at Sangfor

Link: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-34527

At this point in the year, if you don’t already know, I don’t think we can help you.

Also known as easyRCE, PrintNightmware is a remote code execution vulnerability in the Windows Print Spooler service. An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. An attacker could then install programs, view, change, or delete data, or create new accounts with full user rights against all Windows users.