CVE-2020-15705

CVSS v3.1

6.4

Medium

Vector

AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions GRUB2 versions 2.04 and prior

Description The issue is related to an incorrect validation of cryptographic signatures in the GRUB2 bootloader, which can allow an attacker to bypass secure boot and execute arbitrary code, gaining full control over the device. This affects systems where the kernel signing certificate is directly imported into the secure boot database and the GRUB image is booted without the use of shim.

Recommendations For GRUB2 versions 2.04 and prior, consider updating to a version that includes the fix for this issue, as the current version allows secure boot to be bypassed when booted directly without shim. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Improper Verification of Cryptographic Signature

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-347CWE-440

Related Identifiers

ALT-PU-2020-3534

ALT-PU-2021-1969

ALT-PU-2021-3464

BDU:2022-05895

CESA-2020_3216

CESA-2020_3217

CVE-2020-15705

MGASA-2021-0315

OPENSUSE-SU-2020:1280-1

OPENSUSE-SU-2020:1282-1

OPENSUSE-SU-2020_1280-1

OPENSUSE-SU-2020_1282-1

OPENSUSE-SU-2024:10824-1

RHSA-2020:3216

RHSA-2020:3217

RHSA-2020:3223

RHSA-2020:3227

RHSA-2020:3271

RHSA-2020:3273

RHSA-2020:3274

RHSA-2020:3275

RHSA-2020:3276

RHSA-2020_3216

RHSA-2020_3217

SUSE-SU-2020:14461-1

SUSE-SU-2020:2303-1

SUSE-SU-2020:2304-1

SUSE-SU-2020:2305-1

SUSE-SU-2020:2306-1

SUSE-SU-2020:2307-1

SUSE-SU-2020:2308-1

SUSE-SU-2020_14461-1

SUSE-SU-2020_2303-1

SUSE-SU-2020_2304-1

SUSE-SU-2020_2305-1

SUSE-SU-2020_2306-1

SUSE-SU-2020_2307-1

SUSE-SU-2020_2308-1

USN-4432-1

USN-4432-2

Affected Products

Alt Linux

Centos

Grub2

Linuxmint

Red Hat

Red Os

Suse

Ubuntu

CVE-2020-15705

Weakness Enumeration

Related Identifiers

Affected Products

References · 96