Vulnerability Detail
Enriched intelligence for a single CVE
High
CVE-2010-2729
PUBLISHEDThe Print Spooler service in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2,...
Not yet in CISA KEV
- Vendor
- Microsoft
- Product
- Windows
- Published
- Sep 15, 2010
- EPSS
- —
Automate This Intelligence with the Pro API
Everything on this page — CVSS, EPSS, exploit status, PoCs, scanner integrations, mentions, tags, and immediate honeypot data — is available programmatically for VM, SOC, and CTI workflows.
Description
The Print Spooler service in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7, when printer sharing is enabled, does not properly validate spooler access permissions, which allows remote attackers to create files in a system directory, and consequently execute arbitrary code, by sending a crafted print request over RPC, as exploited in the wild in September 2010, aka "Print Spooler Service Impersonation Vulnerability."
CVSS Scores
AV:N/AC:M/Au:N/C:C/I:C/A:C
Exploitation Status
Exploited in the wild
Recorded 2010-09-15 18:00:00 UTC · CVE
Proof of concept available
Recorded 2025-04-28 15:03:09 UTC
Known Exploited Vulnerability Sources
Catalogues that list this CVE as a known exploited vulnerability.
| Source | Added |
|---|---|
| CVE First | 2010-09-15 18:00 UTC |
Scanner Integrations
| Scanner | Reference | Detected |
|---|---|---|
| Metasploit | https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/smb/ms10_061_spoolss.rb | Apr 28, 2025 |
Potential Proof of Concepts
These PoCs are unverified and could contain malware. Use at your own risk.
Timeline
-
Detected by Metasploit
-
Proof of Concept Exploit Available
-
Added to KEVIntel
-
CVE Published to Public
-
CVE ID Reserved