CVE-2020-1337 – PrintDemon is dead, long live PrintDemon!
voidsec2022-01-14T09:05:26+01:00Banner Image by
Sergio Kalisiak
TL; DR: I will explain, in details, how to trigger PrintDemon exploit and dissect how I’ve discovered a new 0-day; Microsoft Windows EoP
CVE-2020-1337, a bypass of PrintDemon’s recent patch via a Junction Directory (TOCTOU).
After Yarden Shafir’s & Alex Ionescu’s posts (
PrintDemon,
FaxHell) and their call to action, I’ve started diving into the PrintDemon exploit. PrintDemon is the catching name...