The 2021 Pwnie Nominee For Best Privilege Escalation Bug

The Windows Print Spooler

Researcher Name: Peleg Hadar and Tomer Bar

Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1048

CVE: CVE-2020-1048

A local privilege escalation vulnerability in the Windows Print Spooler mechanism. It affected Windows 10, 8, and 7 (32- and 64-bit). The vulnerability could be exploited using 3-5 PowerShell commands, allowing a limited user to write arbitrary files and eventually execute code as NT AUTHORITY\SYSTEM. This team bypassed the patch and found another vulnerability, CVE-2020-1337, which provided the same capability: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1337. For added flair, this mechanism was exploited similarly by Stuxnet a decade ago.