How severe is CVE-2020-6101?

This vulnerability has a severity rating of CRITICAL with a CVSS score of 9.9 out of 10.

What type of vulnerability is CVE-2020-6101?

This is classified as CWE-787, which is a common weakness in software security.

CVE-2020-6101

CRITICAL Year: 2020

CVSS v3 Score

9.9

Critical

CVSS v2 Score

6.5

Medium

Weakness Type

CWE-787

View all →

Vulnerability Description

An exploitable code execution vulnerability exists in the Shader functionality of AMD Radeon DirectX 11 Driver atidxx64.dll 26.20.15019.19000. An attacker can provide a specially crafted shader file to trigger this vulnerability, resulting in code execution. This vulnerability can be triggered from a HYPER-V guest using the RemoteFX feature, leading to executing the vulnerable code on the HYPER-V host (inside of the rdvgm.exe process). Theoretically this vulnerability could be also triggered from web browser (using webGL and webassembly).

CVE-2017-2620

CRITICAL

CVSS:9.9(Critical)

Quick emulator (QEMU) before 2.8 built with the Cirrus CLGD 54xx VGA Emulator support is vulnerable to an out-of-bounds access issue. The issue could occur while copying VGA data in cirrus_bitblt_cput...

CWE-7872017

CVE-2018-3863

CRITICAL

CVSS:9.9(Critical)

On Samsung SmartThings Hub STH-ETH-250 devices with firmware version 0.20.17, the video-core process incorrectly extracts fields from a user-controlled JSON payload, leading to a buffer overflow on th...

CWE-7872018

CVE-2018-3866

CRITICAL

CVSS:9.9(Critical)

An exploitable buffer overflow vulnerability exists in the samsungWifiScan handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The video-core process...

CWE-7872018

CVE-2018-3867

CRITICAL

CVSS:9.9(Critical)

An exploitable stack-based buffer overflow vulnerability exists in the samsungWifiScan callback notification of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 devices with firmware ve...

CWE-7872018

CVE-2018-3893

CRITICAL

CVSS:9.9(Critical)

An exploitable buffer overflow vulnerability exists in the /cameras/XXXX/clips handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The video-core pro...

CWE-7872018

CVE-2018-3902

CRITICAL

CVSS:9.9(Critical)

An exploitable buffer overflow vulnerability exists in the camera "replace" feature of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 devices with firmware version 0.20.17. The video-...

CWE-7872018

CVE-2020-6101

Vulnerability Description

Related Vulnerabilities

CVE-2017-2620

CVE-2018-3863

CVE-2018-3866

CVE-2018-3867

CVE-2018-3893

CVE-2018-3902