Grub2
CVE-2020-10713
HIGH
Severity by source
AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Lifecycle Timeline
1DescriptionNVD
A flaw was found in grub2, prior to version 2.06. An attacker may use the GRUB 2 flaw to hijack and tamper the GRUB verification process. This flaw also allows the bypass of Secure Boot protections. In order to load an untrusted or modified kernel, an attacker would first need to establish access to the system such as gaining physical access, obtain the ability to alter a pxe-boot network, or have remote access to a networked system with root access. With this access, an attacker could then craft a string to cause a buffer overflow by injecting a malicious payload that leads to arbitrary code execution within GRUB. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
AnalysisAI
A flaw was found in grub2, prior to version 2.06. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified as Buffer Copy without Size Check (CWE-120), which allows attackers to overflow a buffer to corrupt adjacent memory. A flaw was found in grub2, prior to version 2.06. An attacker may use the GRUB 2 flaw to hijack and tamper the GRUB verification process. This flaw also allows the bypass of Secure Boot protections. In order to load an untrusted or modified kernel, an attacker would first need to establish access to the system such as gaining physical access, obtain the ability to alter a pxe-boot network, or have remote access to a networked system with root access. With this access, an attacker could then craft a string to cause a buffer overflow by injecting a malicious payload that leads to arbitrary code execution within GRUB. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. Affected products include: Gnu Grub2, Debian Debian Linux, Opensuse Leap, Vmware Photon Os. Version information: version 2.06..
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Always validate buffer sizes before copy operations. Use bounded functions (strncpy, snprintf). Enable compiler protections.
Multiple integer underflows in Grub2 1.98 through 2.02 allow physically proximate attackers to bypass authentication, ob
An out-of-bounds write flaw was found in grub2's NTFS filesystem driver. Rated high severity (CVSS 7.8), this vulnerabil
GRUB2 does not call the module fini functions on exit, leading to Debian/Ubuntu's peimage GRUB2 module leaving UEFI syst
Integer overflows were discovered in the functions grub_cmd_initrd and grub_initrd_init in the efilinux component of GRU
GNU GRUB (aka GRUB2) through 2.12 has a heap-based buffer overflow in fs/hfs.c via crafted sblock data in an HFS filesys
A buffer overflow was found in grub_font_construct_glyph(). Rated high severity (CVSS 8.6), this vulnerability is no aut
An out-of-bounds read flaw was found on grub2's NTFS filesystem driver. Rated medium severity (CVSS 4.6), this vulnerabi
A flaw was found in grub2 in versions prior to 2.06. Rated high severity (CVSS 8.2), this vulnerability is low attack co
A flaw was found in grub2. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch
A flaw was found in the HFS filesystem. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No
When reading data from a hfs filesystem, grub's hfs filesystem module uses user-controlled parameters from the filesyste
When reading data from disk, the grub's UDF filesystem module utilizes the user controlled data length metadata to alloc
Same weakness CWE-120 – Classic Buffer Overflow
View allSame technique Buffer Overflow
View allShare
External POC / Exploit Code
Leaving vuln.today