CVE-2021-34527CISA KEV: Actively Exploited

Microsoft Windows Print Spooler Remote Code Execution Vulnerability

Published Nov 3, 2021·Updated Nov 3, 2021

Description

Microsoft Windows Print Spooler contains an unspecified vulnerability due to the Windows Print Spooler service improperly performing privileged file operations. Successful exploitation allows an attacker to perform remote code execution with SYSTEM privileges. The vulnerability is also known under the moniker of PrintNightmare.

Public Exploits & PoCs24 found

PoC: ItWasAllADream

A PrintNightmare (CVE-2021-34527) Python Scanner. Scan entire subnets for hosts vulnerable to the PrintNightmare RCE

701

PoC: PrintNightmare-CVE-2021-34527

PrintNightmare - Windows Print Spooler RCE/LPE Vulnerability (CVE-2021-34527, CVE-2021-1675) proof of concept exploits

72

PoC: CVE-2021-34527-1675

Cve-2021-1675 or cve-2021-34527? Detailed analysis and exploitation of windows print spooler 0day vulnerability!!!

6

PoC: PrintNightmare

To fight against Windows security breach PrintNightmare! (CVE-2021-34527, CVE-2021-1675)

3

PoC: PrintNightmare-Patcher

A patch for PrintNightmare vulnerability that occurs to print spooler service for Windows machines [CVE-2021-34527]

3

PoC: PrintNightmare

Kritische Sicherheitslücke PrintNightmare CVE-2021-34527

3

PoC: CVE-2021-34527

PrintNightmare (CVE-2021-34527) PoC Exploit

1

PoC: PrintNightmare-CVE-2021-34527

How to fix the PrintNightmare vulnerability

1

PoC: CVE-2021-34527-PrintNightmare-Workaround

This simple PowerShell script is in response to the "PrintNightmare" vulnerability. This was designed to give a end user the ability to stop and disable the "Print Spooler" service on their computer while awaiting a fix from Microsoft.

1

PoC: disable-RegisterSpoolerRemoteRpcEndPoint

Workaround for Windows Print Spooler Remote Code Execution Vulnerability(CVE-2021-34527). See: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-34527

1

PoC: CVE-2021-34527-

PrintNightmare Report

PoC: CVE-2021-34527

CVE-2021-34527 is a critical remote code execution and local privilege escalation vulnerability dubbed "PrintNightmare."

PoC: detect_bruteforce

detect bruteforce using for cve-2021-34527

PoC: CVE-2021-34527

CVE-2021-34527 PrintNightmare PoC

PoC: PsFix-CVE-2021-34527

# Fix-CVE-2021-34527 Fix for the security Script Changes ACL in the directory Stop Service PrintSpooler Spooler Changes StartupType to Disabled Add every server in the serverlist.csv and run script.

PoC: cve-2021-34527

CVE-2021-34527 AddPrinterDriverEx() Privilege Escalation

PoC: CVE-2021-34527-CVE-2021-1675

PrintNightmare+Manual

PoC: CVE-2021-34527-1675

Cve-2021-1675 or cve-2021-34527? Detailed analysis and exploitation of windows print spooler 0day vulnerability!!!

PoC: PowerShell-PrintNightmare

A collection of scripts to help set the appropriate registry keys for CVE-2021-34527

PoC: Printnightmare

Fix for PrintNightmare CVE-2021-34527

PoC: printnightmare

CVE-2021-34527 implementation

PoC: CVE-2021-34527_ACL_mitigation

Mitigation for CVE-2021-34527 RCE by setting WRITE ACLs

PoC: Disable-Spooler-Service-PrintNightmare-CVE-2021-34527

Simple batch script to disable the Microsoft Print Spooler service from system

PoC: CVE-2021-34527

Small Powershell Script to detect Running Printer Spoolers on Domain Controller

References

View on NVD Search GitHub Search Google

Get alerted for CVEs like this

Register your stack and get notified within minutes when a matching CVE drops.

Start monitoring free