NVD - cve-2020-10713 (original) (raw)

CVE-2020-10713 Detail

Description

A flaw was found in grub2, prior to version 2.06. An attacker may use the GRUB 2 flaw to hijack and tamper the GRUB verification process. This flaw also allows the bypass of Secure Boot protections. In order to load an untrusted or modified kernel, an attacker would first need to establish access to the system such as gaining physical access, obtain the ability to alter a pxe-boot network, or have remote access to a networked system with root access. With this access, an attacker could then craft a string to cause a buffer overflow by injecting a malicious payload that leads to arbitrary code execution within GRUB. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Metrics

NVD enrichment efforts reference publicly available information to associate vector strings. CVSS information contributed by other sources is also displayed.

CVSS 4.0 Severity and Vector Strings:

NIST CVSS score

NIST: NVD

N/A

NVD assessment not yet provided.

CVSS 3.x Severity and Vector Strings:

NIST CVSS score

NIST: NVD

Base Score: 8.2 HIGH

Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

CVSS 2.0 Severity and Vector Strings:

National Institute of Standards and Technology

NIST: NVD

Base Score: 4.6 MEDIUM

Vector: (AV:L/AC:L/Au:N/C:P/I:P/A:P)

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to [email protected].

URL Source(s) Tag(s)
http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00016.html CVE, Inc., Red Hat Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00017.html CVE, Inc., Red Hat Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2020/07/29/3 CVE, Inc., Red Hat Mailing List Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1825243 CVE, Inc., Red Hat Issue Tracking Third Party Advisory
https://cve.openeuler.org/#/CVEInfo/CVE-2020-10713 CVE, Inc., Red Hat Broken Link
https://eclypsium.com/2020/07/29/theres-a-hole-in-the-boot/ CVE, Inc., Red Hat Technical Description Third Party Advisory
https://kb.vmware.com/s/article/80181 CVE, Inc., Red Hat Third Party Advisory
https://security.gentoo.org/glsa/202104-05 CVE, Inc., Red Hat Third Party Advisory
https://security.netapp.com/advisory/ntap-20200731-0008/ CVE, Inc., Red Hat Third Party Advisory
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-grub2-code-exec-xLePCAPY CVE, Inc., Red Hat Third Party Advisory
https://usn.ubuntu.com/4432-1/ CVE, Inc., Red Hat Third Party Advisory
https://www.debian.org/security/2020/dsa-4735 CVE, Inc., Red Hat Third Party Advisory
https://www.kb.cert.org/vuls/id/174059 CVE, Inc., Red Hat Third Party Advisory US Government Resource

Weakness Enumeration

CWE-ID CWE Name Source
CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') cwe source acceptance level NIST

Known Affected Software Configurations Switch to CPE 2.2

CPEs loading, please wait.

Denotes Vulnerable Software
Are we missing a CPE here? Please let us know.

Change History

14 change records found show changes

CVE Modified by CVE 11/20/2024 11:55:54 PM

Action Type Old Value New Value
Added Reference http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00016.html
Added Reference http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00017.html
Added Reference http://www.openwall.com/lists/oss-security/2020/07/29/3
Added Reference https://bugzilla.redhat.com/show\_bug.cgi?id=1825243
Added Reference https://cve.openeuler.org/#/CVEInfo/CVE-2020-10713
Added Reference https://eclypsium.com/2020/07/29/theres-a-hole-in-the-boot/
Added Reference https://kb.vmware.com/s/article/80181
Added Reference https://security.gentoo.org/glsa/202104-05
Added Reference https://security.netapp.com/advisory/ntap-20200731-0008/
Added Reference https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-grub2-code-exec-xLePCAPY
Added Reference https://usn.ubuntu.com/4432-1/
Added Reference https://www.debian.org/security/2020/dsa-4735
Added Reference https://www.kb.cert.org/vuls/id/174059

CVE Modified by Red Hat, Inc. 5/14/2024 2:15:59 AM

Action Type Old Value New Value

Modified Analysis by NIST 11/15/2022 11:06:00 PM

Action Type Old Value New Value
Added CPE Configuration OR *cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
Added CPE Configuration OR *cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:* *cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*
Added CPE Configuration OR *cpe:2.3:o:vmware:photon_os:*:*:*:*:*:*:*:* versions up to (excluding) 2.0
Changed Reference Type http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00016.html No Types Assigned http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00016.html Mailing List, Third Party Advisory
Changed Reference Type http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00017.html No Types Assigned http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00017.html Mailing List, Third Party Advisory
Changed Reference Type http://www.openwall.com/lists/oss-security/2020/07/29/3 No Types Assigned http://www.openwall.com/lists/oss-security/2020/07/29/3 Mailing List, Third Party Advisory
Changed Reference Type https://cve.openeuler.org/#/CVEInfo/CVE-2020-10713 No Types Assigned https://cve.openeuler.org/#/CVEInfo/CVE-2020-10713 Broken Link
Changed Reference Type https://eclypsium.com/2020/07/29/theres-a-hole-in-the-boot/ No Types Assigned https://eclypsium.com/2020/07/29/theres-a-hole-in-the-boot/ Technical Description, Third Party Advisory
Changed Reference Type https://kb.vmware.com/s/article/80181 No Types Assigned https://kb.vmware.com/s/article/80181 Third Party Advisory
Changed Reference Type https://security.gentoo.org/glsa/202104-05 No Types Assigned https://security.gentoo.org/glsa/202104-05 Third Party Advisory
Changed Reference Type https://www.debian.org/security/2020/dsa-4735 No Types Assigned https://www.debian.org/security/2020/dsa-4735 Third Party Advisory

CVE Modified by Red Hat, Inc. 4/30/2021 10:15:07 PM

Action Type Old Value New Value
Added Reference https://security.gentoo.org/glsa/202104-05 [No Types Assigned]

CVE Modified by Red Hat, Inc. 10/19/2020 5:15:12 PM

Action Type Old Value New Value
Added Reference https://cve.openeuler.org/#/CVEInfo/CVE-2020-10713 [No Types Assigned]

CVE Modified by Red Hat, Inc. 8/26/2020 4:15:11 PM

Action Type Old Value New Value
Added Reference https://kb.vmware.com/s/article/80181 [No Types Assigned]

CVE Modified by Red Hat, Inc. 8/25/2020 10:15:15 AM

Action Type Old Value New Value
Added Reference http://www.openwall.com/lists/oss-security/2020/07/29/3 [No Types Assigned]
Added Reference https://eclypsium.com/2020/07/29/theres-a-hole-in-the-boot/ [No Types Assigned]
Added Reference https://www.debian.org/security/2020/dsa-4735 [No Types Assigned]

CVE Modified by Red Hat, Inc. 8/08/2020 2:15:11 PM

Action Type Old Value New Value
Added Reference http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00016.html [No Types Assigned]
Added Reference http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00017.html [No Types Assigned]

Reanalysis by NIST 8/06/2020 1:10:01 PM

Action Type Old Value New Value
Added CVSS V3.1 NIST AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Removed CVSS V3.1 NIST AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Initial Analysis by NIST 8/05/2020 10:33:27 AM

Action Type Old Value New Value
Added CVSS V3.1 NIST AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Added CVSS V2 NIST (AV:L/AC:L/Au:N/C:P/I:P/A:P)
Added CWE NIST CWE-120
Added CPE Configuration OR *cpe:2.3:a:gnu:grub2:*:*:*:*:*:*:*:* versions up to (excluding) 2.06
Changed Reference Type https://bugzilla.redhat.com/show\_bug.cgi?id=1825243 No Types Assigned https://bugzilla.redhat.com/show\_bug.cgi?id=1825243 Issue Tracking, Third Party Advisory
Changed Reference Type https://security.netapp.com/advisory/ntap-20200731-0008/ No Types Assigned https://security.netapp.com/advisory/ntap-20200731-0008/ Third Party Advisory
Changed Reference Type https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-grub2-code-exec-xLePCAPY No Types Assigned https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-grub2-code-exec-xLePCAPY Third Party Advisory
Changed Reference Type https://usn.ubuntu.com/4432-1/ No Types Assigned https://usn.ubuntu.com/4432-1/ Third Party Advisory
Changed Reference Type https://www.kb.cert.org/vuls/id/174059 No Types Assigned https://www.kb.cert.org/vuls/id/174059 Third Party Advisory, US Government Resource

CVE Modified by Red Hat, Inc. 8/04/2020 10:15:11 PM

Action Type Old Value New Value
Added Reference https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-grub2-code-exec-xLePCAPY [No Types Assigned]

CVE Modified by Red Hat, Inc. 8/04/2020 5:15:14 PM

Action Type Old Value New Value
Added Reference https://usn.ubuntu.com/4432-1/ [No Types Assigned]

CVE Modified by Red Hat, Inc. 7/31/2020 10:15:11 AM

Action Type Old Value New Value
Added Reference https://security.netapp.com/advisory/ntap-20200731-0008/ [No Types Assigned]

CVE Modified by Red Hat, Inc. 7/30/2020 1:15:11 PM

Action Type Old Value New Value
Added Reference https://www.kb.cert.org/vuls/id/174059 [No Types Assigned]

Quick Info

CVE Dictionary Entry:
CVE-2020-10713
NVD Published Date:
07/30/2020
NVD Last Modified:
11/20/2024
Source:
Red Hat, Inc.