CVE-2020-8950 PoC — AMD Radeon User Experience Program Launcher 后置链接漏洞

Source

https://github.com/sailay1996/amd_eop_poc

Associated Vulnerability

Title:AMD Radeon User Experience Program Launcher 后置链接漏洞 (CVE-2020-8950)
Description:The AUEPLauncher service in Radeon AMD User Experience Program Launcher through 1.0.0.1 on Windows allows elevation of privilege by placing a crafted file in %PROGRAMDATA%\AMD\PPC\upload and then creating a symbolic link in %PROGRAMDATA%\AMD\PPC\temp that points to an arbitrary folder with an arbitrary file name.

Description

CVE-2020-8950 AMD User Experience Program Launcher from Radeon Software Privilege Escalation ( FileWrite eop)

Readme

# amd_eop_poc (CVE-2020-8950)
AMD User Experience Program Launcher from Radeon Software Privilege Escalation (FileWrite eop) <br>
***Read the note.txt*** 

https://heynowyouseeme.blogspot.com/2020/02/privilege-escalation-filewrite-eop-in.html

https://heynowyouseeme.blogspot.com/2020/02/another-privilege-escalation-filewrite.html

![test1](https://github.com/sailay1996/amd_eop_poc/blob/master/exploit_poc.jpg)

[@404death](https://twitter.com/404death)

File Snapshot


 [4.0K]  /data/pocs/b78acbc6cf32f31c94ee5f19861e26e9e7992585
├── [126K]  CreateSymlink.exe
├── [  46]  exp.cmd
├── [ 369]  exploit.bat
├── [389K]  exploit_poc.jpg
├── [ 939]  note.txt
├── [ 126]  old.cmd
├── [ 391]  old_version_amd_exploit.bat
├── [ 456]  README.md
├── [145K]  UsoDllLoader.exe
└── [ 88K]  WindowsCoreDeviceInfo.dll

0 directories, 10 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.

View subscription plans →

Goal Reached Thanks to every supporter — we hit 100%!