Published: 12/02/2020 Updated: 19/02/2020
CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9
Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Summary

The AUEPLauncher service in Radeon AMD User Experience Program Launcher up to and including on Windows allows elevation of privilege by placing a crafted file in %PROGRAMDATA%\AMD\PPC\upload and then creating a symbolic link in %PROGRAMDATA%\AMD\PPC\temp that points to an arbitrary folder with an arbitrary file name.

Vulnerability Trend

Affected Products

Vendor Product Versions
AmdUser Experience Program1.0.0.1

Github Repositories