CVE-2020-37160
Unknown Unknown - Not Provided
Local Privilege Escalation in SprintWork 2.3.1 via Insecure Permissions

Publication date: 2026-02-07

Last updated on: 2026-02-07

Assigner: VulnCheck

Description
SprintWork 2.3.1 contains multiple local privilege escalation vulnerabilities through insecure file, service, and folder permissions on Windows systems. Local unprivileged users can exploit missing executable files and weak service configurations to create a new administrative user and gain complete system access.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-02-07
Last Modified
2026-02-07
Generated
2026-06-16
AI Q&A
2026-02-07
EPSS Evaluated
2026-06-15
NVD
CVE-2020-37160
EUVD
EUVD-2020-31112
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
veridium_software sprintwork 2.3.1
veridium_software homeguard_activity_monitor *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-276 During installation, installed file permissions are set to allow anyone to modify those files.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2020-37160 affects SprintWork version 2.3.1 on Windows systems and involves multiple local privilege escalation vulnerabilities caused by insecure file, service, and folder permissions.

The vulnerability arises from incorrect default permissions and missing executable files, as well as weak service configurations, which allow local unprivileged users to exploit these weaknesses.

Specifically, attackers can create a new administrative user account by placing a malicious executable in the SprintWork installation directory, which is then run with LocalSystem privileges due to insecure service settings.

This results in the attacker gaining complete system access with administrative rights.

Impact Analysis

This vulnerability allows any local unprivileged user on a Windows system running SprintWork 2.3.1 to escalate their privileges to LocalSystem, effectively gaining full administrative control over the system.

An attacker can create a new administrative user account, enabling persistent and unrestricted access to the system.

This can lead to unauthorized system modifications, installation of malicious software, data theft, and complete compromise of system confidentiality, integrity, and availability.

Compliance Impact

I don't know

Detection Guidance

[{'type': 'paragraph', 'content': 'This vulnerability can be detected by checking for the presence of SprintWork version 2.3.1 installed on Windows systems and inspecting the permissions and existence of specific files and services related to SprintWork.'}, {'type': 'list_item', 'content': 'Verify if SprintWork 2.3.1 is installed.'}, {'type': 'list_item', 'content': 'Check for the existence of the executable file "nvlsimw.exe" in the SprintWork installation directory (typically C:\\Program Files\\SprintWork). Its absence indicates a vulnerable condition.'}, {'type': 'list_item', 'content': 'Inspect the permissions of the folder "C:\\Program Files\\SprintWork" and the file "NVLSIM.EXE" to see if they grant full control to the built-in Users group, which is insecure.'}, {'type': 'list_item', 'content': 'Check the installed services "SP52 AMC" and "SprintWork TM VI" for their configuration, especially if they run as LocalSystem and start automatically.'}, {'type': 'paragraph', 'content': 'Suggested commands on a Windows system to detect these conditions include:'}, {'type': 'list_item', 'content': 'To check installed SprintWork version: Use the Control Panel or run `wmic product where "name like \'%SprintWork%\'" get name, version`'}, {'type': 'list_item', 'content': 'To check for the missing executable: `dir "C:\\Program Files\\SprintWork\\nvlsimw.exe"`'}, {'type': 'list_item', 'content': 'To check folder and file permissions: `icacls "C:\\Program Files\\SprintWork"` and `icacls "C:\\Program Files\\SprintWork\\NVLSIM.EXE"`'}, {'type': 'list_item', 'content': 'To list and check service details: `sc qc "SP52 AMC"` and `sc qc "SprintWork TM VI"`'}, {'type': 'list_item', 'content': 'To check if the services are running as LocalSystem and start automatically, review the output of the above commands.'}] [1, 3]

Mitigation Strategies

[{'type': 'paragraph', 'content': 'Immediate mitigation steps involve addressing the insecure permissions, missing executable, and service configurations that allow local privilege escalation.'}, {'type': 'list_item', 'content': 'Ensure that the missing executable file "nvlsimw.exe" is either properly installed or removed to prevent exploitation.'}, {'type': 'list_item', 'content': 'Correct the permissions on the SprintWork installation folder and related files to restrict full control access from unprivileged users.'}, {'type': 'list_item', 'content': 'Modify the service configurations to prevent unprivileged users from exploiting unquoted service paths or weak service permissions.'}, {'type': 'list_item', 'content': 'If possible, uninstall SprintWork 2.3.1 or upgrade to a version that addresses these vulnerabilities.'}, {'type': 'paragraph', 'content': 'Additionally, restrict local user permissions and monitor for unauthorized creation of administrative accounts.'}] [1, 3]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2020-37160. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart