CVE-2020-15705 vulnerability in Red Hat and Other Products
Published on July 29, 2020
GRUB2: avoid loading unsigned kernels when GRUB is booted directly under secureboot without shim
Vulnerability Analysis
CVE-2020-15705 can be exploited with local system access, and requires user privileges. This vulnerability is consided to have a high level of attack complexity. The potential impact of an exploit of this vulnerability is considered to be very high.
Weakness Type
Improper Verification of Cryptographic Signature
The software does not verify, or incorrectly verifies, the cryptographic signature for data.
Products Associated with CVE-2020-15705
You can be notified by email with stack.watch whenever vulnerabilities like CVE-2020-15705 are published in these products:
Affected Versions
grub2 in Ubuntu:- Version 20.04 LTS and below 2.04-1ubuntu26.1 is affected.
- Version 18.04 LTS and below 2.02-2ubuntu8.16 is affected.
- Version 16.04 LTS and below 2.02~beta2-36ubuntu3.26 is affected.
- Version 14.04 ESM and below 2.02~beta2-9ubuntu1.20 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.