Vulnerability Details : CVE-2020-10713
A flaw was found in grub2, prior to version 2.06. An attacker may use the GRUB 2 flaw to hijack and tamper the GRUB verification process. This flaw also allows the bypass of Secure Boot protections. In order to load an untrusted or modified kernel, an attacker would first need to establish access to the system such as gaining physical access, obtain the ability to alter a pxe-boot network, or have remote access to a networked system with root access. With this access, an attacker could then craft a string to cause a buffer overflow by injecting a malicious payload that leads to arbitrary code execution within GRUB. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
Vulnerability category: Overflow
Products affected by CVE-2020-10713
- cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:grub2:*:*:*:*:*:*:*:*
- cpe:2.3:o:vmware:photon_os:*:*:*:*:*:*:*:*
- cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
- cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2020-10713
0.07%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 28 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2020-10713
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
4.6
|
MEDIUM | AV:L/AC:L/Au:N/C:P/I:P/A:P |
3.9
|
6.4
|
NIST | |
8.2
|
HIGH | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H |
1.5
|
6.0
|
NIST |
CWE ids for CVE-2020-10713
-
The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.Assigned by: nvd@nist.gov (Primary)
References for CVE-2020-10713
-
https://cve.openeuler.org/#/CVEInfo/CVE-2020-10713
openEulerBroken Link
-
http://www.openwall.com/lists/oss-security/2020/07/29/3
oss-security - multiple secure boot grub2 and linux kernel vulnerabilitiesMailing List;Third Party Advisory
-
https://bugzilla.redhat.com/show_bug.cgi?id=1825243
1825243 – (CVE-2020-10713) CVE-2020-10713 grub2: Crafted grub.cfg file can lead to arbitrary code execution during boot processIssue Tracking;Third Party Advisory
-
https://www.debian.org/security/2020/dsa-4735
Debian -- Security Information -- DSA-4735-1 grub2Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00016.html
[security-announce] openSUSE-SU-2020:1168-1: important: Security updateMailing List;Third Party Advisory
-
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-grub2-code-exec-xLePCAPY
GRUB2 Arbitrary Code Execution VulnerabilityThird Party Advisory
-
https://kb.vmware.com/s/article/80181
VMware response to GRUB2 security vulnerability CVE-2020-10713Third Party Advisory
-
https://security.gentoo.org/glsa/202104-05
GRUB: Multiple vulnerabilities (GLSA 202104-05) — Gentoo securityThird Party Advisory
-
https://eclypsium.com/2020/07/29/theres-a-hole-in-the-boot/
There’s a Hole in the Boot - EclypsiumTechnical Description;Third Party Advisory
-
https://security.netapp.com/advisory/ntap-20200731-0008/
July 2020 Grub2 Vulnerabilities in NetApp Products | NetApp Product SecurityThird Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00017.html
[security-announce] openSUSE-SU-2020:1169-1: important: Security updateMailing List;Third Party Advisory
-
https://usn.ubuntu.com/4432-1/
USN-4432-1: GRUB 2 vulnerabilities | Ubuntu security notices | UbuntuThird Party Advisory
-
https://www.kb.cert.org/vuls/id/174059
VU#174059 - GRUB2 bootloader is vulnerable to buffer overflowThird Party Advisory;US Government Resource
Jump to