Vulnerabilities
PrintNightmare (CVE-2021-34527)
Also known as: CVE-2021-34527, Spoolsv RCE
Definition
A 2021 Windows Print Spooler vulnerability that let a low-privileged user install a malicious print driver and execute code with SYSTEM privileges.
Examples
- Ransomware groups abusing PrintNightmare to elevate to SYSTEM and deploy payloads on domain controllers.
- Red-team operators using PrintNightmare to escalate from a standard domain user to local admin.
Related terms
Vertical Privilege Escalation
A flaw that lets a low-privileged user obtain higher-privileged rights — typically administrator, root, or SYSTEM.
CVE (Common Vulnerabilities and Exposures)
A public catalogue that assigns a unique identifier to each disclosed software or hardware vulnerability so that it can be referenced unambiguously across the industry.
Exploit
A piece of code, data, or technique that takes advantage of a vulnerability to cause unintended behaviour such as code execution, privilege escalation, or information disclosure.
Ransomware
Malware that encrypts a victim's data or locks systems and demands payment in exchange for restoring access.
Known Exploited Vulnerability (KEV)
A CVE that the U.S. CISA confirms is being actively exploited and adds to its public KEV Catalog, triggering remediation deadlines for U.S. federal agencies.
Active Directory