CVE-2020-14372

7.5HIGH

Key Information:

Vendor
Gnu
Status
Grub2
Vendor
CVE Published:
3 March 2021

Badges

πŸ‘Ύ Exploit Exists🟑 Public PoC

Summary

A flaw was found in grub2 in versions prior to 2.06, where it incorrectly enables the usage of the ACPI command when Secure Boot is enabled. This flaw allows an attacker with privileged access to craft a Secondary System Description Table (SSDT) containing code to overwrite the Linux kernel lockdown variable content directly into memory. The table is further loaded and executed by the kernel, defeating its Secure Boot lockdown and allowing the attacker to load unsigned code. The highest threat from this vulnerability is to data confidentiality and integrity, as well as system availability.

Affected Version(s)

grub2 grub 2.06

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2020-14372
Created by kukrimate

References

https://bugzilla.redhat.com/show_bug.cgi?id=1873150
x_refsource_MISC
https://access.redhat.com/security/vulnerabilities/RHSB-2...
x_refsource_MISC
https://security.netapp.com/advisory/ntap-20210416-0004/
x_refsource_CONFIRM

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
High
Privileges Required:
High
User Interaction:
None
Scope:
Changed

Timeline

  • 🟑

    Public PoC available

  • πŸ‘Ύ

    Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved

.