Privilege escalation

2020-02-1220:15:00

PRIOn knowledge base

www.prio-n.com

7.6 High

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

18.1%

JSON

The AUEPLauncher service in Radeon AMD User Experience Program Launcher through 1.0.0.1 on Windows allows elevation of privilege by placing a crafted file in %PROGRAMDATA%\AMD\PPC\upload and then creating a symbolic link in %PROGRAMDATA%\AMD\PPC\temp that points to an arbitrary folder with an arbitrary file name.

CPENameOperatorVersion
user_experience_programle1.0.0.1

CPE	Name	Operator	Version
	user_experience_program	le	1.0.0.1

References

heynowyouseeme.blogspot.com/2020/02/another-privilege-escalation-filewrite.html

heynowyouseeme.blogspot.com/2020/02/privilege-escalation-filewrite-eop-in.html