CVE-2020-37160
Local Privilege Escalation in SprintWork 2.3.1 via Insecure Permissions

Publication date: 2026-02-07

Last updated on: 2026-02-07

Assigner: VulnCheck

Description
SprintWork 2.3.1 contains multiple local privilege escalation vulnerabilities through insecure file, service, and folder permissions on Windows systems. Local unprivileged users can exploit missing executable files and weak service configurations to create a new administrative user and gain complete system access.
Meta Information
Published: 2026-02-07
Last Modified: 2026-02-07
Generated: 2026-05-07
AI Q&A: 2026-02-07
EPSS Evaluated: 2026-05-05
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
veridium_software sprintwork 2.3.1
veridium_software homeguard_activity_monitor *
CWE ID Description
CWE-276 During installation, installed file permissions are set to allow anyone to modify those files.
AI Powered Q&A
Can you explain this vulnerability to me?

CVE-2020-37160 affects SprintWork version 2.3.1 on Windows systems and involves multiple local privilege escalation vulnerabilities caused by insecure file, service, and folder permissions.

The vulnerability arises from incorrect default permissions and missing executable files, as well as weak service configurations, which allow local unprivileged users to exploit these weaknesses.

Specifically, attackers can create a new administrative user account by placing a malicious executable in the SprintWork installation directory, which is then run with LocalSystem privileges due to insecure service settings.

This results in the attacker gaining complete system access with administrative rights.


How can this vulnerability impact me?

This vulnerability allows any local unprivileged user on a Windows system running SprintWork 2.3.1 to escalate their privileges to LocalSystem, effectively gaining full administrative control over the system.

An attacker can create a new administrative user account, enabling persistent and unrestricted access to the system.

This can lead to unauthorized system modifications, installation of malicious software, data theft, and complete compromise of system confidentiality, integrity, and availability.


How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?

I don't know


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability can be detected by checking for the presence of SprintWork version 2.3.1 installed on Windows systems and inspecting the permissions and existence of specific files and services related to SprintWork.

- Verify if SprintWork 2.3.1 is installed.
- Check for the existence of the executable file "nvlsimw.exe" in the SprintWork installation directory (typically C:\Program Files\SprintWork). Its absence indicates a vulnerable condition.
- Inspect the permissions of the folder "C:\Program Files\SprintWork" and the file "NVLSIM.EXE" to see if they grant full control to the built-in Users group, which is insecure.
- Check the installed services "SP52 AMC" and "SprintWork TM VI" for their configuration, especially if they run as LocalSystem and start automatically.

Suggested commands on a Windows system to detect these conditions include:

- To check installed SprintWork version: Use the Control Panel or run `wmic product where "name like '%SprintWork%'" get name, version`
- To check for the missing executable: `dir "C:\Program Files\SprintWork\nvlsimw.exe"`
- To check folder and file permissions: `icacls "C:\Program Files\SprintWork"` and `icacls "C:\Program Files\SprintWork\NVLSIM.EXE"`
- To list and check service details: `sc qc "SP52 AMC"` and `sc qc "SprintWork TM VI"`
- To check if the services are running as LocalSystem and start automatically, review the output of the above commands.

[1, 3]
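
The checks listed above, combined into one read-only PowerShell audit. This is an added example, not code from the advisory or the vendor. The install path, file names and service names are the ones given on this page; the list of low-privileged SIDs and the unquoted-path heuristic are assumptions.

```powershell
# Added audit example (not vendor or advisory code). Read-only: it changes nothing.
$Dir      = 'C:\Program Files\SprintWork'     # typical path per the page; adjust if installed elsewhere
$Files    = 'nvlsimw.exe', 'NVLSIM.EXE'       # file names given on the page
$Services = 'SP52 AMC', 'SprintWork TM VI'    # service names given on the page

# Assumed low-privileged principals, as well-known SIDs so the check is locale-independent:
# Everyone, Authenticated Users, INTERACTIVE, BUILTIN\Users.
$LowPriv = 'S-1-1-0', 'S-1-5-11', 'S-1-5-4', 'S-1-5-32-545'

# Rights that allow creating, replacing or re-permissioning files, plus GENERIC_ALL / GENERIC_WRITE.
$WriteMask = ([int][System.Security.AccessControl.FileSystemRights]'Write, Delete, DeleteSubdirectoriesAndFiles, ChangePermissions, TakeOwnership') -bor 0x50000000

function Get-WeakAce([string]$Path) {
    # Returns "SID: rights" for every Allow ACE that gives a low-privileged principal write-type access.
    $sidType = [System.Security.Principal.SecurityIdentifier]
    (Get-Acl -LiteralPath $Path).GetAccessRules($true, $true, $sidType) | Where-Object {
        $_.AccessControlType -eq 'Allow' -and
        $LowPriv -contains $_.IdentityReference.Value -and
        ([int]$_.FileSystemRights -band $WriteMask) -ne 0
    } | ForEach-Object { '{0}: {1}' -f $_.IdentityReference.Value, $_.FileSystemRights }
}

if (-not (Test-Path -LiteralPath $Dir)) { Write-Output "SprintWork folder not found at $Dir"; return }

# Folder and file checks: does each target exist, and who can write to it?
$targets = @($Dir) + ($Files | ForEach-Object { Join-Path $Dir $_ })
$fileFindings = foreach ($t in $targets) {
    $exists = Test-Path -LiteralPath $t
    [pscustomobject]@{
        Path    = $t
        Exists  = $exists
        WeakAce = if ($exists) { (Get-WeakAce $t) -join '; ' } else { '' }
    }
}

# Service checks: account, start mode, and whether the image path is unquoted yet contains a space.
$svcFindings = Get-CimInstance Win32_Service |
    Where-Object { $Services -contains $_.Name -or $Services -contains $_.DisplayName } |
    Select-Object Name, StartName, StartMode, PathName,
        @{ n = 'UnquotedPath'; e = { $_.PathName -match '^[^"]*? [^"]*?\.exe' } }

$fileFindings | Format-Table -AutoSize -Wrap
$svcFindings  | Format-List
```

A host matches the conditions described on this page when `WeakAce` is non-empty for the folder or `NVLSIM.EXE`, `nvlsimw.exe` shows `Exists = False`, and a listed service reports `StartName` of LocalSystem with `StartMode` of Auto.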


What immediate steps should I take to mitigate this vulnerability?

Immediate mitigation steps involve addressing the insecure permissions, missing executable, and service configurations that allow local privilege escalation.

- Ensure that the missing executable file "nvlsimw.exe" is either properly installed or removed to prevent exploitation.
- Correct the permissions on the SprintWork installation folder and related files to restrict full control access from unprivileged users.
- Modify the service configurations to prevent unprivileged users from exploiting unquoted service paths or weak service permissions.
- If possible, uninstall SprintWork 2.3.1 or upgrade to a version that addresses these vulnerabilities.

Additionally, restrict local user permissions and monitor for unauthorized creation of administrative accounts.

[1, 3]

