CVE-2020-12929

7.8 HIGH

📋 TL;DR

This vulnerability in AMD Graphics Driver's Platform Security Processor (PSP) trusted applications allows local attackers to bypass security restrictions through improper parameter validation, potentially leading to arbitrary code execution. It affects systems with vulnerable AMD graphics drivers, requiring local access to exploit.

💻 Affected Systems

Products:
  • AMD Graphics Driver with PSP
Versions: Specific versions not detailed in advisory; check AMD advisory for exact ranges
Operating Systems: Windows, Linux
Default Config Vulnerable: ⚠️ Yes
Notes: Requires AMD graphics hardware with vulnerable PSP firmware/driver combination.

⚠️ Risk & Real-World Impact

🔴 Worst Case: Local privilege escalation to SYSTEM/root level, complete system compromise, persistence establishment, and credential theft.

🟠 Likely Case: Local user gains elevated privileges, potentially accessing sensitive data or installing malware.

🟢 If Mitigated: Attack contained to user session with limited impact if proper privilege separation and monitoring are in place.

🌐 Internet-Facing: LOW - Requires local access, not directly exploitable over network.
🏢 Internal Only: HIGH - Local attackers on compromised systems can escalate privileges and move laterally.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Requires local access and knowledge of PSP trusted application interfaces.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Check AMD driver updates for your specific GPU model

Vendor Advisory: https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000

Restart Required: Yes

Instructions:

1. Visit AMD driver download page
2. Select your GPU model and OS
3. Download latest driver
4. Install with administrative privileges
5. Restart system

🔧 Temporary Workarounds

Restrict local access (all platforms): Limit physical and remote local access to vulnerable systems

Use standard user accounts (all platforms): Ensure users operate with least privilege, not administrative rights

🧯 If You Can't Patch

  • Isolate vulnerable systems from critical networks and data
  • Implement strict access controls and monitor for privilege escalation attempts

🔍 How to Verify

Check if Vulnerable:

Check AMD driver version against advisory; older versions likely vulnerable

Check Version:

Windows: dxdiag, or Device Manager > Display adapters
Linux: glxinfo | grep 'OpenGL version', or check the AMD driver package

Verify Fix Applied:

Verify driver version matches or exceeds patched version in AMD advisory

📡 Detection & Monitoring

Log Indicators:

  • Unusual process creation from graphics driver components
  • Privilege escalation attempts
  • Suspicious access to PSP-related system calls

Network Indicators:

  • Not network exploitable; focus on host-based indicators

SIEM Query:

Process creation where parent process contains 'amd' or 'ati' and child process has elevated privileges
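The query above, written out as an added example (not code from this page or from AMD) and run over constructed process-creation events. The field names follow Sysmon Event ID 1; the "strict" mode is an assumption added here to show how much noise the bare 'ati' substring produces.

```python
from ntpath import normpath  # handles Windows paths on any host OS

ELEVATED = {"High", "System"}   # assumed Sysmon-style IntegrityLevel labels
MARKERS = ("amd", "ati")        # substrings named in the query above

# Constructed sample events; "id" is a hypothetical key used only here.
SAMPLE_EVENTS = [
    {"id": 1, "ParentImage": r"C:\Windows\System32\atiesrxx.exe",
     "Image": r"C:\Windows\System32\cmd.exe", "IntegrityLevel": "System"},
    {"id": 2, "ParentImage": r"C:\Program Files\AMD\CNext\RadeonSoftware.exe",
     "Image": r"C:\Windows\System32\notepad.exe", "IntegrityLevel": "Medium"},
    {"id": 3, "ParentImage": r"C:\Program Files\Navigation Suite\nav.exe",
     "Image": r"C:\Windows\System32\cmd.exe", "IntegrityLevel": "High"},
    {"id": 4, "ParentImage": r"C:\Program Files\AMD\CNext\RadeonSoftware.exe",
     "Image": r"C:\Windows\System32\powershell.exe", "IntegrityLevel": "High"},
]


def parent_matches(path, strict):
    """Literal query: marker anywhere in the path.
    Strict (assumption): some path component starts with a marker."""
    lowered = normpath(path).lower()
    if not strict:
        return any(marker in lowered for marker in MARKERS)
    return any(part.startswith(MARKERS) for part in lowered.split("\\"))


def flag_events(events, strict=False):
    """Return ids of events with a vendor-named parent and an elevated child."""
    return [
        event["id"]
        for event in events
        if event.get("IntegrityLevel") in ELEVATED
        and parent_matches(event.get("ParentImage", ""), strict)
    ]


if __name__ == "__main__":
    print("literal query:", flag_events(SAMPLE_EVENTS))
    print("strict match: ", flag_events(SAMPLE_EVENTS, strict=True))
```

Event 3 is flagged by the literal query only because "Navigation" contains "ati"; matching on the start of a path component drops it while keeping the two driver-component parents.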
