9.9 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
6.5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
**Lenovo Security Advisory:**LEN-42153
**Potential Impact:**Code execution
**Severity:**High
**Scope of Impact:**Industry-wide
**CVE Identifier:**CVE-2020-6100, CVE-2020-6101, CVE-2020-6102, CVE-2020-6103
Summary Description:
AMD reported potential vulnerabilities in a specific virtual machine (VM) configuration using AMD GPU or APU processors that may allow code execution.
Mitigation Strategy for Customers (what you should do to protect yourself):
AMD will issue updated graphics drivers to remediate these issues for existing VMs that use the RemoteFX 3D feature in late October 2020.
AMD recommends upgrading to the driver version (or newer) indicated for your model in the Product Impact section below when available.
9.9 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
6.5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P