CVE-2020-25647

HIGH

Description

A flaw was found in grub2 in versions prior to 2.06. During USB device initialization, descriptors are read with very little bounds checking and assumes the USB device is providing sane values. If properly exploited, an attacker could trigger memory corruption leading to arbitrary code execution allowing a bypass of the Secure Boot mechanism. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

References

https://bugzilla.redhat.com/show_bug.cgi?id=1886936

https://lists.fedoraproject.org/archives/list/[email protected]/message/ZWZ36QK4IKU6MWDWNOOWKPH3WXZBHT2R/

https://security.gentoo.org/glsa/202104-05

Details

Source: MITRE

Published: 2021-03-03

Updated: 2021-05-01

Type: CWE-787

Risk Information

CVSS v2.0

Base Score: 7.2

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 3.9

Severity: HIGH

CVSS v3.0

Base Score: 7.6

Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Impact Score: 6

Exploitability Score: 0.9

Severity: HIGH

Tenable Plugins

View all (31 total)

IDNameProductFamilySeverity
149217GLSA-202104-05 : GRUB: Multiple vulnerabilitiesNessusGentoo Local Security Checks
high
149104EulerOS 2.0 SP3 : grub2 (EulerOS-SA-2021-1794)NessusHuawei Local Security Checks
high
148618EulerOS Virtualization 2.9.1 : grub2 (EulerOS-SA-2021-1714)NessusHuawei Local Security Checks
high
148577EulerOS Virtualization 2.9.0 : grub2 (EulerOS-SA-2021-1741)NessusHuawei Local Security Checks
high
148339Photon OS 2.0: Grub2 PHSA-2021-2.0-0334NessusPhotonOS Local Security Checks
high
148284Photon OS 1.0: Grub2 PHSA-2021-1.0-0376NessusPhotonOS Local Security Checks
high
148045openSUSE Security Update : grub2 (openSUSE-2021-462)NessusSuSE Local Security Checks
high
148024Photon OS 4.0: Grub2 PHSA-2021-4.0-0001NessusPhotonOS Local Security Checks
high
147169Oracle Linux 8 : SUMM: / grub2 (ELSA-2021-0696)NessusOracle Linux Local Security Checks
high
147141Oracle Linux 7 : grub2 (ELSA-2021-0699)NessusOracle Linux Local Security Checks
high
147136Scientific Linux Security Update : grub2 on SL7.x x86_64 (2021:0699)NessusScientific Linux Local Security Checks
high
146996Photon OS 3.0: Grub2 PHSA-2021-3.0-0202NessusPhotonOS Local Security Checks
high
146989Oracle Linux 7 : grub2 (ELSA-2021-9076)NessusOracle Linux Local Security Checks
high
146988Oracle Linux 8 : grub2 (ELSA-2021-9077)NessusOracle Linux Local Security Checks
high
146986Debian DSA-4867-1 : grub2 - security updateNessusDebian Local Security Checks
high
146983SUSE SLED15 / SLES15 Security Update : grub2 (SUSE-SU-2021:0683-1)NessusSuSE Local Security Checks
high
146982SUSE SLES15 Security Update : grub2 (SUSE-SU-2021:0685-1)NessusSuSE Local Security Checks
high
146978SUSE SLES15 Security Update : grub2 (SUSE-SU-2021:0684-1)NessusSuSE Local Security Checks
high
146976SUSE SLES12 Security Update : grub2 (SUSE-SU-2021:0682-1)NessusSuSE Local Security Checks
high
146973SUSE SLES12 Security Update : grub2 (SUSE-SU-2021:0679-1)NessusSuSE Local Security Checks
high
146967SUSE SLES12 Security Update : grub2 (SUSE-SU-2021:0681-1)NessusSuSE Local Security Checks
high
146965CentOS 8 : grub2 (CESA-2021:0696)NessusCentOS Local Security Checks
high
146961RHEL 7 : grub2 (RHSA-2021:0699)NessusRed Hat Local Security Checks
high
146960RHEL 7 : grub2 (RHSA-2021:0700)NessusRed Hat Local Security Checks
high
146959RHEL 7 : grub2 (RHSA-2021:0701)NessusRed Hat Local Security Checks
high
146957RHEL 7 : grub2 (RHSA-2021:0703)NessusRed Hat Local Security Checks
high
146955RHEL 8 : grub2 (RHSA-2021:0696)NessusRed Hat Local Security Checks
high
146954RHEL 7 : grub2 (RHSA-2021:0702)NessusRed Hat Local Security Checks
high
146953RHEL 8 : grub2 (RHSA-2021:0697)NessusRed Hat Local Security Checks
high
146952RHEL 7 : grub2 (RHSA-2021:0704)NessusRed Hat Local Security Checks
high
146951RHEL 8 : grub2 (RHSA-2021:0698)NessusRed Hat Local Security Checks
high