{"vulnerability": "CVE-2020-1296", "sightings": [{"uuid": "cb6599ba-0b88-43cb-90d6-39a115338fc1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-12960", "type": "seen", "source": "https://t.me/cibsecurity/32490", "content": "\u203c CVE-2020-12960 \u203c\n\nAMD Graphics Driver for Windows 10, amdfender.sys may improperly handle input validation on InputBuffer which may result in a denial of service (DoS).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-11-17T16:26:33.000000Z"}, {"uuid": "1ba22ec4-1a2a-4699-86a9-e78d46826e0b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1296", "type": "seen", "source": "https://t.me/BleepingComputer/7550", "content": "Windows 10 Privacy Settings bug let users change admin options\n\nAn \"Important\" and equally ironic vulnerability, tracked as CVE-2020-1296 was fixed in the Microsoft June 2020 updates that allows privilege escalation in the Windows Diagnostics &amp; Feedback settings app: the annoying privacy setting\u00a0screen is shown\u00a0to users when setting up or upgrading Windows. [...]\n\nhttps://www.bleepingcomputer.com/news/microsoft/windows-10-privacy-settings-bug-let-users-change-admin-options/", "creation_timestamp": "2020-06-13T18:09:32.000000Z"}, {"uuid": "df23279b-b58c-4e48-8530-125b26156956", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-12961", "type": "seen", "source": "https://t.me/cibsecurity/32476", "content": "\u203c CVE-2020-12961 \u203c\n\nA potential vulnerability exists in AMD Platform Security Processor (PSP) that may allow an attacker to zero any privileged register on the System Management Network which may lead to bypassing SPI ROM protections.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-11-17T16:20:46.000000Z"}, {"uuid": "fb07bde9-84d8-466e-bd3b-61d3bcdaf4dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-12965", "type": "seen", "source": "https://t.me/sysodmins/20282", "content": "\u041d\u043e\u0432\u0430\u044f \u0430\u0442\u0430\u043a\u0430 \u043d\u0430 CPU Intel, AMD \u0438 ARM, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0438\u0442\u044c \u0441\u043e\u0434\u0435\u0440\u0436\u0438\u043c\u043e\u0435 \u043f\u0430\u043c\u044f\u0442\u0438 \u2328\ufe0f\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043f\u0440\u043e\u0434\u0435\u043c\u043e\u043d\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u043b\u0438, \u043a\u0430\u043a \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0442\u0435\u0445\u043d\u0438\u043a\u0438 \u0430\u0442\u0430\u043a\u0438 SLAM (Spectre Linear Address Masking) \u043c\u043e\u0436\u043d\u043e \u0438\u0437\u0432\u043b\u0435\u0447\u044c \u0438\u0437 \u043f\u0430\u043c\u044f\u0442\u0438 \u044f\u0434\u0440\u0430 \u0434\u0430\u043d\u043d\u044b\u0435, \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u0435 \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0451\u043d\u043d\u043e\u0439 \u043c\u0430\u0441\u043a\u0435 (\u0437\u0430 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0434\u0435\u0441\u044f\u0442\u043a\u043e\u0432 \u0441\u0435\u043a\u0443\u043d\u0434 \u0432 Ubuntu \u043e\u043d\u0438 \u0432\u044b\u0434\u0435\u043b\u0438\u043b\u0438 \u0438\u0437 \u043f\u0430\u043c\u044f\u0442\u0438 \u044f\u0434\u0440\u0430 \u0441\u0442\u0440\u043e\u043a\u0443 \u0441 \u0445\u044d\u0448\u0435\u043c \u043f\u0430\u0440\u043e\u043b\u044f \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f root). \u0410\u0442\u0430\u043a\u0430 \u043f\u0440\u0435\u0434\u043b\u0430\u0433\u0430\u0435\u0442 \u043d\u043e\u0432\u044b\u0439 \u0441\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u043c\u0438\u043a\u0440\u043e\u0430\u0440\u0445\u0438\u0442\u0435\u043a\u0442\u0443\u0440\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043a\u043b\u0430\u0441\u0441\u0430 Spectre.\n\n\u2705 \u0410\u0442\u0430\u043a\u0430 \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0441\u043e\u0432\u0435\u0440\u0448\u0435\u043d\u0430 \u043d\u0430 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445:\n\u2022 \u0441 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u043e\u0440\u0430\u043c\u0438 Intel, \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u044e\u0449\u0438\u043c\u0438 \u0440\u0430\u0441\u0448\u0438\u0440\u0435\u043d\u0438\u0435 LAM (Linear Address Masking),\n\u2022 \u0441 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u043e\u0440\u0430\u043c\u0438 AMD \u0441 \u0440\u0430\u0441\u0448\u0438\u0440\u0435\u043d\u0438\u0435\u043c UAI (Upper Address Ignore),\n\u2022 \u0441 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u043e\u0440\u0430\u043c\u0438 ARM \u0441 \u0440\u0430\u0441\u0448\u0438\u0440\u0435\u043d\u0438\u0435\u043c TBI (Top Byte Ignore),\n\u2022 \u043d\u0430 \u0441\u0442\u0430\u0440\u044b\u0445 CPU AMD Zen+ \u0438 Zen 2, \u043f\u043e\u0434\u0432\u0435\u0440\u0436\u0435\u043d\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2020-12965.\n\n\u0418\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u043e, \u0447\u0442\u043e \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u043e\u0440\u044b Intel, AMD \u0438 ARM \u0441 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u043e\u0439 LAM, UAI \u0438 TBI \u0435\u0449\u0451 \u0442\u043e\u043b\u044c\u043a\u043e \u0430\u043d\u043e\u043d\u0441\u0438\u0440\u043e\u0432\u0430\u043d\u044b, \u043d\u043e \u043c\u0430\u0441\u0441\u043e\u0432\u043e \u043d\u0435 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u044f\u0442\u0441\u044f.\n\n\u0422\u0438\u043f\u0438\u0447\u043d\u044b\u0439 \ud83e\udd78 \u0421\u0438\u0441\u0430\u0434\u043c\u0438\u043d", "creation_timestamp": "2023-12-07T01:06:08.000000Z"}]}