Medium severity6.2NVD Advisory· Published Feb 7, 2026· Updated Apr 15, 2026

CVE-2020-37160

Description

SprintWork 2.3.1 contains multiple local privilege escalation vulnerabilities through insecure file, service, and folder permissions on Windows systems. Local unprivileged users can exploit missing executable files and weak service configurations to create a new administrative user and gain complete system access.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

veridium.netnvd
veridium.net/sprintwork/nvd
www.exploit-db.com/exploits/48070nvd
www.vulncheck.com/advisories/sprintwork-local-privilege-escalationnvd

News mentions

No linked articles in our index yet.

cvss	0.403
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000