Privilege Escalation in AMD ATI Driver for Windows
CVE-2020-12138

8.8HIGH

Key Information:

Vendor

Amd
Status
Atillk64
Vendor
CVE Published:
27 April 2020

What is CVE-2020-12138?

The AMD ATI atillk64.sys driver version 5.11.9.0 contains a vulnerability that allows low-privileged users to access physical memory directly. By exploiting certain driver routines, these users can map physical memory into their process's virtual address space, enabling them to elevate their privileges to NT AUTHORITY\SYSTEM level. This is achieved through specific DeviceIoControl calls such as MmMapIoSpace, IoAllocateMdl, MmBuildMdlForNonPagedPool, or MmMapLockedPages, posing a significant security risk.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://eclypsium.com/2019/11/12/mother-of-all-drivers/
x_refsource_MISC
https://h0mbre.github.io/atillk64_exploit/
x_refsource_MISC

CVSS V3.1

Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.