CVE-2020-12903

7.8 HIGH

📋 TL;DR

This vulnerability in AMD Graphics Driver for Windows 10 allows attackers to write or read outside intended memory boundaries through Escape 0x6002d03. Successful exploitation could lead to privilege escalation or denial of service. Affected users are those running vulnerable AMD graphics drivers on Windows 10 systems.

💻 Affected Systems

Products:
  • AMD Graphics Driver
Versions: Specific versions not detailed in provided references; check AMD advisory for exact affected versions
Operating Systems: Windows 10
Default Config Vulnerable: ⚠️ Yes
Notes: Requires AMD graphics hardware and vulnerable driver version. Impact limited to systems with AMD graphics cards.

⚠️ Risk & Real-World Impact

🔴 Worst Case: Full system compromise with administrative privileges, allowing complete control over the affected system.

🟠 Likely Case: Local privilege escalation enabling attackers to gain higher privileges than their current user account.

🟢 If Mitigated: Limited impact with proper security controls like application whitelisting and least privilege principles.

🌐 Internet-Facing: LOW - This is a local privilege escalation vulnerability requiring local access to exploit.
🏢 Internal Only: MEDIUM - Malicious insiders or compromised accounts could exploit this to escalate privileges within the network.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires local access and knowledge of the specific escape code. No public exploit code was mentioned in the provided references.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Check AMD driver updates for specific fixed version

Vendor Advisory: https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000

Restart Required: Yes

Instructions:

1. Visit AMD's driver download page.
2. Download latest graphics driver for your hardware.
3. Run installer and follow prompts.
4. Restart system when prompted.

🔧 Temporary Workarounds

  • Restrict local access (platform: all): Limit physical and remote access to affected systems to reduce attack surface
  • Implement least privilege (platform: windows): Ensure users operate with minimal necessary privileges to limit impact of privilege escalation

🧯 If You Can't Patch

  • Isolate affected systems from critical network segments
  • Implement strict access controls and monitor for suspicious privilege escalation attempts

🔍 How to Verify

Check if Vulnerable:

Check AMD driver version in Device Manager > Display adapters > Properties > Driver tab

Check Version:

wmic path win32_pnpsigneddriver where "DeviceID like '%VEN_1002%'" get DriverVersion

Verify Fix Applied:

Verify driver version matches or exceeds the patched version specified in AMD advisory
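
The check above as a script, for running across several hosts. This is an added example, not part of the AMD advisory or the original page; the function name Get-AmdDisplayDriverStatus and the -FixedVersion parameter are assumptions, and the fixed version must be taken from the AMD advisory.

```powershell
# Added example. -FixedVersion is a PLACEHOLDER supplied by the operator:
# read the patched driver version from the AMD advisory, it is not on this page.
param(
    [Parameter(Mandatory)][version]$FixedVersion,
    [string[]]$ComputerName = @($env:COMPUTERNAME)
)

function Get-AmdDisplayDriverStatus {
    param([version]$FixedVersion, [string]$Computer)

    # Same match as the wmic query (PCI vendor ID 1002), narrowed to display
    # adapters so AMD chipset or audio drivers do not produce false hits.
    $query = @{
        ClassName   = 'Win32_PnPSignedDriver'
        Filter      = "DeviceID LIKE '%VEN_1002%' AND DeviceClass = 'DISPLAY'"
        ErrorAction = 'Stop'
    }
    # Query the local host directly; remote hosts need WinRM enabled.
    if ($Computer -ne $env:COMPUTERNAME) { $query.ComputerName = $Computer }

    foreach ($drv in Get-CimInstance @query) {
        $parsed = $null
        $ok = [version]::TryParse($drv.DriverVersion, [ref]$parsed)
        [pscustomobject]@{
            Computer      = $Computer
            Device        = $drv.DeviceName
            DriverVersion = $drv.DriverVersion
            DriverDate    = $drv.DriverDate
            Status        = if (-not $ok) { 'UNPARSEABLE' }
                            elseif ($parsed -lt $FixedVersion) { 'BELOW_FIXED' }
                            else { 'AT_OR_ABOVE_FIXED' }
        }
    }
}

foreach ($c in $ComputerName) {
    try   { Get-AmdDisplayDriverStatus -FixedVersion $FixedVersion -Computer $c }
    catch { [pscustomobject]@{ Computer = $c; Status = "QUERY_FAILED: $($_.Exception.Message)" } }
}
```

DriverVersion here is the Windows driver version string, which is numbered differently from the Radeon Software release version, so compare it against the same kind of version number in the advisory.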

📡 Detection & Monitoring

Log Indicators:

  • Unusual driver access attempts
  • Privilege escalation events in Windows Security logs
  • AMD driver crash events

Network Indicators:

  • Not applicable - local exploitation only

SIEM Query:

(EventID=4688 AND ProcessName LIKE '%amd%' AND NewProcessName LIKE '%cmd%') OR EventID=4672
