CVE-2020-15705

  1. Reconshell
  2. Vulnerabilities (CVE)
  3. CVE-2020-15705
GRUB2 fails to validate kernel signature when booted directly without shim, allowing secure boot to be bypassed. This only affects systems where the kernel signing certificate has been imported directly into the secure boot database and the GRUB image is booted directly without the use of shim. This issue affects GRUB2 version 2.04 and prior versions.

6.4 /10

CVSS v3.0 : MEDIUM

V3 Legend

Vector :

Exploitability : 0.5 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity HIGH

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

4.4 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:L/AC:M/Au:N/C:P/I:P/A:P

Exploitability : 3.4 / Impact : 6.4

Access Vector LOCAL

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References
Link Resource
https://www.suse.com/support/kb/doc/?id=000019673 Third Party Advisory
http://ubuntu.com/security/notices/USN-4432-1 Third Party Advisory
https://lists.gnu.org/archive/html/grub-devel/2020-07/msg00034.html Issue Tracking Vendor Advisory
https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/GRUB2SecureBootBypass Third Party Advisory
https://www.debian.org/security/2020-GRUB-UEFI-SecureBoot Third Party Advisory
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV200011 Patch Third Party Advisory Vendor Advisory
https://access.redhat.com/security/vulnerabilities/grub2bootloader Third Party Advisory
https://www.eclypsium.com/2020/07/29/theres-a-hole-in-the-boot/ Third Party Advisory
https://www.suse.com/c/suse-addresses-grub2-secure-boot-issue/ Third Party Advisory
https://www.openwall.com/lists/oss-security/2020/07/29/3 Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2020/07/29/3 Mailing List Third Party Advisory
https://security.netapp.com/advisory/ntap-20200731-0008/ Third Party Advisory
https://usn.ubuntu.com/4432-1/ Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00067.html Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00069.html Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2021/03/02/3 Mailing List Third Party Advisory
https://security.gentoo.org/glsa/202104-05 Third Party Advisory
http://www.openwall.com/lists/oss-security/2021/09/17/2 Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2021/09/17/4 Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2021/09/21/1 Mailing List Third Party Advisory
Advertisement

NeevaHost hosting service
Configurations

Configuration 1 (hide)

cpe:2.3:a:gnu:grub2:*:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:a:redhat:enterprise_linux_atomic_host:-:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform:4.0:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*
cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:suse:suse_linux_enterprise_server:11:*:*:*:*:*:*:*
cpe:2.3:o:suse:suse_linux_enterprise_server:12:*:*:*:*:*:*:*
cpe:2.3:o:suse:suse_linux_enterprise_server:15:*:*:*:*:*:*:*

Configuration 3 (hide)

OR cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_10:2004:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2016:1903:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2016:1909:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2016:2004:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*
Information

Published : 2020-07-29 11:15

Updated : 2022-04-18 08:22

NVD link : CVE-2020-15705

Mitre link : CVE-2020-15705

JSON object : View

CWE
CWE-347

Improper Verification of Cryptographic Signature

Advertisement

dedicated server usa
Products Affected

microsoft

  • windows_server_2016
  • windows_rt_8.1
  • windows_server_2019
  • windows_10
  • windows_8.1
  • windows_server_2012

redhat

  • enterprise_linux
  • openshift_container_platform
  • enterprise_linux_atomic_host

gnu

  • grub2

canonical

  • ubuntu_linux

opensuse

  • leap

suse

  • suse_linux_enterprise_server

debian

  • debian_linux