CVE-2020-12900

CWE-269 — Improper Privilege Management5 documents5 sources

Severity

7.8HIGH

EPSS

0.1%

top 67.75%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

AMD AMD Radeon Software AMD Radeon Software

Timeline

PublishedNov 15

Latest updateMay 24

Description

An arbitrary write vulnerability in the AMD Radeon Graphics Driver for Windows 10 potentially allows unprivileged users to gain Escalation of Privileges and cause Denial of Service.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages2 packages

▶NVDamd/radeon_software< 20.7.1

▶CVEListV5amd/amd_radeon_softwareRadeon Software — 20.7.1+1

🔴Vulnerability Details

GHSA

GHSA-wqp5-c9j9-mhqr: An arbitrary write vulnerability in the AMD Radeon Graphics Driver for Windows 10 potentially allows unprivileged users to gain Escalation of Privileg↗2022-05-24

▶

CVEList

CVE-2020-12900: An arbitrary write vulnerability in the AMD Radeon Graphics Driver for Windows 10 potentially allows unprivileged users to gain Escalation of Privileg↗2021-11-15

▶

💥Exploits & PoCs

Exploit-DB

ManageEngine Applications Manager 14700 - Remote Code Execution (Authenticated)↗2020-09-07

▶

📋Vendor Advisories

Oracle

Oracle Oracle Database Server Risk Matrix: Core RDBMS (bzip2) — CVE-2019-12900↗2020-10-15

▶