CVE-2020-27779

Severity: high
Description

A flaw was found in grub2 in versions prior to 2.06. The cutmem command does not honor secure boot locking, allowing a privileged attacker to remove address ranges from memory and creating an opportunity to circumvent SecureBoot protections after proper triage of grub's memory layout. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

References

https://bugzilla.redhat.com/show_bug.cgi?id=1900698

https://lists.fedoraproject.org/archives/list/[email protected]/message/ZWZ36QK4IKU6MWDWNOOWKPH3WXZBHT2R/

https://security.gentoo.org/glsa/202104-05

Details

Source: MITRE

Published: 2021-03-03

Updated: 2021-05-01

Type: CWE-285

Risk Information

CVSS v2

Base Score: 6.9

Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 3.4

Severity: MEDIUM

CVSS v3

Base Score: 7.5

Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

Impact Score: 6

Exploitability Score: 0.8

Severity: HIGH

Tenable Plugins

View all (45 total)

| ID | Name | Product | Family | Severity |
|---|---|---|---|---|
| 153777 | RHEL 8 : shim and fwupd (RHSA-2021:3675) | Nessus | Red Hat Local Security Checks | high |
| 153312 | EulerOS 2.0 SP2 : grub2 (EulerOS-SA-2021-2376) | Nessus | Huawei Local Security Checks | high |
| 151844 | RHEL 8 : shim and fwupd (RHSA-2021:2790) | Nessus | Red Hat Local Security Checks | high |
| 151799 | Amazon Linux 2 : grub2 (ALAS-2021-1684) | Nessus | Amazon Linux Local Security Checks | high |
| 151766 | EulerOS 2.0 SP5 : grub2 (EulerOS-SA-2021-2218) | Nessus | Huawei Local Security Checks | high |
| 151362 | CentOS 8 : fwupd (CESA-2021:2566) | Nessus | CentOS Local Security Checks | high |
| 151182 | EulerOS Virtualization for ARM 64 3.0.6.0 : grub2 (EulerOS-SA-2021-2001) | Nessus | Huawei Local Security Checks | high |
| 151140 | RHEL 8 : fwupd (RHSA-2021:2566) | Nessus | Red Hat Local Security Checks | high |
| 150867 | Ubuntu 18.04 LTS / 20.04 LTS : GRUB 2 vulnerabilities (USN-4992-1) | Nessus | Ubuntu Local Security Checks | high |
| 150532 | SUSE SLES11 Security Update : grub2 (SUSE-SU-2021:14659-1) | Nessus | SuSE Local Security Checks | high |
| 150210 | EulerOS 2.0 SP9 : grub2 (EulerOS-SA-2021-1927) | Nessus | Huawei Local Security Checks | high |
| 150176 | EulerOS 2.0 SP9 : grub2 (EulerOS-SA-2021-1948) | Nessus | Huawei Local Security Checks | high |
| 149687 | RHEL 8 : shim (RHSA-2021:1734) | Nessus | Red Hat Local Security Checks | high |
| 149601 | EulerOS 2.0 SP8 : grub2 (EulerOS-SA-2021-1875) | Nessus | Huawei Local Security Checks | high |
| 149217 | GLSA-202104-05 : GRUB: Multiple vulnerabilities | Nessus | Gentoo Local Security Checks | high |
| 149104 | EulerOS 2.0 SP3 : grub2 (EulerOS-SA-2021-1794) | Nessus | Huawei Local Security Checks | high |
| 148618 | EulerOS Virtualization 2.9.1 : grub2 (EulerOS-SA-2021-1714) | Nessus | Huawei Local Security Checks | high |
| 148577 | EulerOS Virtualization 2.9.0 : grub2 (EulerOS-SA-2021-1741) | Nessus | Huawei Local Security Checks | high |
| 148339 | Photon OS 2.0: Grub2 PHSA-2021-2.0-0334 | Nessus | PhotonOS Local Security Checks | high |
| 148284 | Photon OS 1.0: Grub2 PHSA-2021-1.0-0376 | Nessus | PhotonOS Local Security Checks | high |
| 148045 | openSUSE Security Update : grub2 (openSUSE-2021-462) | Nessus | SuSE Local Security Checks | high |
| 148024 | Photon OS 4.0: Grub2 PHSA-2021-4.0-0001 | Nessus | PhotonOS Local Security Checks | high |
| 147169 | Oracle Linux 8 : SUMM: / grub2 (ELSA-2021-0696) | Nessus | Oracle Linux Local Security Checks | high |
| 147141 | Oracle Linux 7 : grub2 (ELSA-2021-0699) | Nessus | Oracle Linux Local Security Checks | high |
| 147136 | Scientific Linux Security Update : grub2 on SL7.x x86_64 (2021:0699) | Nessus | Scientific Linux Local Security Checks | high |
| 146996 | Photon OS 3.0: Grub2 PHSA-2021-3.0-0202 | Nessus | PhotonOS Local Security Checks | high |
| 146989 | Oracle Linux 7 : grub2 (ELSA-2021-9076) | Nessus | Oracle Linux Local Security Checks | high |
| 146988 | Oracle Linux 8 : grub2 (ELSA-2021-9077) | Nessus | Oracle Linux Local Security Checks | high |
| 146986 | Debian DSA-4867-1 : grub2 - security update | Nessus | Debian Local Security Checks | high |
| 146983 | SUSE SLED15 / SLES15 Security Update : grub2 (SUSE-SU-2021:0683-1) | Nessus | SuSE Local Security Checks | high |
| 146982 | SUSE SLES15 Security Update : grub2 (SUSE-SU-2021:0685-1) | Nessus | SuSE Local Security Checks | high |
| 146978 | SUSE SLES15 Security Update : grub2 (SUSE-SU-2021:0684-1) | Nessus | SuSE Local Security Checks | high |
| 146976 | SUSE SLES12 Security Update : grub2 (SUSE-SU-2021:0682-1) | Nessus | SuSE Local Security Checks | high |
| 146973 | SUSE SLES12 Security Update : grub2 (SUSE-SU-2021:0679-1) | Nessus | SuSE Local Security Checks | high |
| 146967 | SUSE SLES12 Security Update : grub2 (SUSE-SU-2021:0681-1) | Nessus | SuSE Local Security Checks | high |
| 146965 | CentOS 8 : grub2 (CESA-2021:0696) | Nessus | CentOS Local Security Checks | high |
| 146961 | RHEL 7 : grub2 (RHSA-2021:0699) | Nessus | Red Hat Local Security Checks | high |
| 146960 | RHEL 7 : grub2 (RHSA-2021:0700) | Nessus | Red Hat Local Security Checks | high |
| 146959 | RHEL 7 : grub2 (RHSA-2021:0701) | Nessus | Red Hat Local Security Checks | high |
| 146957 | RHEL 7 : grub2 (RHSA-2021:0703) | Nessus | Red Hat Local Security Checks | high |
| 146955 | RHEL 8 : grub2 (RHSA-2021:0696) | Nessus | Red Hat Local Security Checks | high |
| 146954 | RHEL 7 : grub2 (RHSA-2021:0702) | Nessus | Red Hat Local Security Checks | high |
| 146953 | RHEL 8 : grub2 (RHSA-2021:0697) | Nessus | Red Hat Local Security Checks | high |
| 146952 | RHEL 7 : grub2 (RHSA-2021:0704) | Nessus | Red Hat Local Security Checks | high |
| 146951 | RHEL 8 : grub2 (RHSA-2021:0698) | Nessus | Red Hat Local Security Checks | high |