CVE-2020-8950

HIGH

AMD User Experience Program < 1.0.0.1 - Symlink Following

Title source: rule

Description

The AUEPLauncher service in Radeon AMD User Experience Program Launcher through 1.0.0.1 on Windows allows elevation of privilege by placing a crafted file in %PROGRAMDATA%\AMD\PPC\upload and then creating a symbolic link in %PROGRAMDATA%\AMD\PPC\temp that points to an arbitrary folder with an arbitrary file name.

Exploits (1)

nomisec WRITEUP 29 stars

by sailay1996 · poc

https://github.com/sailay1996/amd_eop_poc

View Code ZIP pw:eip

References (2)

Core 2

Core References

Exploit, Third Party Advisory x_refsource_misc

https://heynowyouseeme.blogspot.com/2020/02/privilege-escalation-filewrite-eop-in.html

Exploit, Third Party Advisory x_refsource_misc

https://heynowyouseeme.blogspot.com/2020/02/another-privilege-escalation-filewrite.html

Scores

CVSS v3 7.8

EPSS 0.0300

EPSS Percentile 86.6%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-59

Status published

Products (1)

amd/user_experience_program < 1.0.0.1

Published Feb 12, 2020

Tracked Since Feb 18, 2026