VulnerableCode Vulnerability Details

System	Score	Found at
generic_textual	Medium	http://people.canonical.com/~ubuntu-security/cve/2020/CVE-2020-15705.html
rhas	Moderate	https://access.redhat.com/errata/RHSA-2020:3216
rhas	Moderate	https://access.redhat.com/errata/RHSA-2020:3217
rhas	Moderate	https://access.redhat.com/errata/RHSA-2020:3223
rhas	Moderate	https://access.redhat.com/errata/RHSA-2020:3227
rhas	Moderate	https://access.redhat.com/errata/RHSA-2020:3271
rhas	Moderate	https://access.redhat.com/errata/RHSA-2020:3273
rhas	Moderate	https://access.redhat.com/errata/RHSA-2020:3274
rhas	Moderate	https://access.redhat.com/errata/RHSA-2020:3275
rhas	Moderate	https://access.redhat.com/errata/RHSA-2020:3276
cvssv3	6.4	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15705.json
epss	0.00019	https://api.first.org/data/v1/epss?cve=CVE-2020-15705
epss	0.00019	https://api.first.org/data/v1/epss?cve=CVE-2020-15705
epss	0.00019	https://api.first.org/data/v1/epss?cve=CVE-2020-15705
epss	0.00019	https://api.first.org/data/v1/epss?cve=CVE-2020-15705
epss	0.00019	https://api.first.org/data/v1/epss?cve=CVE-2020-15705
epss	0.00019	https://api.first.org/data/v1/epss?cve=CVE-2020-15705
epss	0.00019	https://api.first.org/data/v1/epss?cve=CVE-2020-15705
epss	0.00019	https://api.first.org/data/v1/epss?cve=CVE-2020-15705
epss	0.00019	https://api.first.org/data/v1/epss?cve=CVE-2020-15705
epss	0.00019	https://api.first.org/data/v1/epss?cve=CVE-2020-15705
epss	0.00019	https://api.first.org/data/v1/epss?cve=CVE-2020-15705
epss	0.00019	https://api.first.org/data/v1/epss?cve=CVE-2020-15705
epss	0.00019	https://api.first.org/data/v1/epss?cve=CVE-2020-15705
epss	0.00019	https://api.first.org/data/v1/epss?cve=CVE-2020-15705
epss	0.00019	https://api.first.org/data/v1/epss?cve=CVE-2020-15705
epss	0.00019	https://api.first.org/data/v1/epss?cve=CVE-2020-15705
epss	0.00019	https://api.first.org/data/v1/epss?cve=CVE-2020-15705
epss	0.00019	https://api.first.org/data/v1/epss?cve=CVE-2020-15705
epss	0.00019	https://api.first.org/data/v1/epss?cve=CVE-2020-15705
epss	0.00019	https://api.first.org/data/v1/epss?cve=CVE-2020-15705
epss	0.00019	https://api.first.org/data/v1/epss?cve=CVE-2020-15705
epss	0.00019	https://api.first.org/data/v1/epss?cve=CVE-2020-15705
epss	0.00019	https://api.first.org/data/v1/epss?cve=CVE-2020-15705
epss	0.00019	https://api.first.org/data/v1/epss?cve=CVE-2020-15705
epss	0.00019	https://api.first.org/data/v1/epss?cve=CVE-2020-15705
epss	0.00019	https://api.first.org/data/v1/epss?cve=CVE-2020-15705
epss	0.00019	https://api.first.org/data/v1/epss?cve=CVE-2020-15705
epss	0.00019	https://api.first.org/data/v1/epss?cve=CVE-2020-15705
epss	0.00019	https://api.first.org/data/v1/epss?cve=CVE-2020-15705
epss	0.00019	https://api.first.org/data/v1/epss?cve=CVE-2020-15705
epss	0.00019	https://api.first.org/data/v1/epss?cve=CVE-2020-15705
epss	0.00019	https://api.first.org/data/v1/epss?cve=CVE-2020-15705
epss	0.00019	https://api.first.org/data/v1/epss?cve=CVE-2020-15705
epss	0.00019	https://api.first.org/data/v1/epss?cve=CVE-2020-15705
epss	0.00019	https://api.first.org/data/v1/epss?cve=CVE-2020-15705
epss	0.00019	https://api.first.org/data/v1/epss?cve=CVE-2020-15705
epss	0.00019	https://api.first.org/data/v1/epss?cve=CVE-2020-15705
epss	0.00019	https://api.first.org/data/v1/epss?cve=CVE-2020-15705
epss	0.00019	https://api.first.org/data/v1/epss?cve=CVE-2020-15705
epss	0.00019	https://api.first.org/data/v1/epss?cve=CVE-2020-15705
epss	0.00019	https://api.first.org/data/v1/epss?cve=CVE-2020-15705
epss	0.00019	https://api.first.org/data/v1/epss?cve=CVE-2020-15705
epss	0.00019	https://api.first.org/data/v1/epss?cve=CVE-2020-15705
epss	0.00019	https://api.first.org/data/v1/epss?cve=CVE-2020-15705
epss	0.00019	https://api.first.org/data/v1/epss?cve=CVE-2020-15705
epss	0.00024	https://api.first.org/data/v1/epss?cve=CVE-2020-15705
epss	0.00024	https://api.first.org/data/v1/epss?cve=CVE-2020-15705
epss	0.00024	https://api.first.org/data/v1/epss?cve=CVE-2020-15705
epss	0.00024	https://api.first.org/data/v1/epss?cve=CVE-2020-15705
epss	0.00024	https://api.first.org/data/v1/epss?cve=CVE-2020-15705
epss	0.00024	https://api.first.org/data/v1/epss?cve=CVE-2020-15705
epss	0.00024	https://api.first.org/data/v1/epss?cve=CVE-2020-15705
epss	0.00024	https://api.first.org/data/v1/epss?cve=CVE-2020-15705
epss	0.00024	https://api.first.org/data/v1/epss?cve=CVE-2020-15705
epss	0.00024	https://api.first.org/data/v1/epss?cve=CVE-2020-15705
epss	0.00024	https://api.first.org/data/v1/epss?cve=CVE-2020-15705
epss	0.00024	https://api.first.org/data/v1/epss?cve=CVE-2020-15705
epss	0.00024	https://api.first.org/data/v1/epss?cve=CVE-2020-15705
epss	0.00024	https://api.first.org/data/v1/epss?cve=CVE-2020-15705
epss	0.00024	https://api.first.org/data/v1/epss?cve=CVE-2020-15705
epss	0.00024	https://api.first.org/data/v1/epss?cve=CVE-2020-15705
epss	0.00024	https://api.first.org/data/v1/epss?cve=CVE-2020-15705
epss	0.00024	https://api.first.org/data/v1/epss?cve=CVE-2020-15705
epss	0.00024	https://api.first.org/data/v1/epss?cve=CVE-2020-15705
epss	0.00024	https://api.first.org/data/v1/epss?cve=CVE-2020-15705
epss	0.00024	https://api.first.org/data/v1/epss?cve=CVE-2020-15705
epss	0.00024	https://api.first.org/data/v1/epss?cve=CVE-2020-15705
epss	0.00024	https://api.first.org/data/v1/epss?cve=CVE-2020-15705
epss	0.00024	https://api.first.org/data/v1/epss?cve=CVE-2020-15705
epss	0.00028	https://api.first.org/data/v1/epss?cve=CVE-2020-15705
epss	0.00070	https://api.first.org/data/v1/epss?cve=CVE-2020-15705
epss	0.00070	https://api.first.org/data/v1/epss?cve=CVE-2020-15705
epss	0.00070	https://api.first.org/data/v1/epss?cve=CVE-2020-15705
epss	0.00070	https://api.first.org/data/v1/epss?cve=CVE-2020-15705
epss	0.00070	https://api.first.org/data/v1/epss?cve=CVE-2020-15705
epss	0.00070	https://api.first.org/data/v1/epss?cve=CVE-2020-15705
epss	0.00070	https://api.first.org/data/v1/epss?cve=CVE-2020-15705
epss	0.00070	https://api.first.org/data/v1/epss?cve=CVE-2020-15705
epss	0.00100	https://api.first.org/data/v1/epss?cve=CVE-2020-15705
epss	0.00100	https://api.first.org/data/v1/epss?cve=CVE-2020-15705
epss	0.00100	https://api.first.org/data/v1/epss?cve=CVE-2020-15705
epss	0.00105	https://api.first.org/data/v1/epss?cve=CVE-2020-15705
epss	0.00105	https://api.first.org/data/v1/epss?cve=CVE-2020-15705
epss	0.00105	https://api.first.org/data/v1/epss?cve=CVE-2020-15705
epss	0.00105	https://api.first.org/data/v1/epss?cve=CVE-2020-15705
rhbs	medium	https://bugzilla.redhat.com/show_bug.cgi?id=1860978
generic_textual	Medium	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15705
cvssv3.1	7.8	https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
generic_textual	Medium	https://lists.gnu.org/archive/html/grub-devel/2020-07/msg00034.html
cvssv2	4.4	https://nvd.nist.gov/vuln/detail/CVE-2020-15705
cvssv3	6.4	https://nvd.nist.gov/vuln/detail/CVE-2020-15705
cvssv3.1	6.4	https://nvd.nist.gov/vuln/detail/CVE-2020-15705
generic_textual	Medium	https://ubuntu.com/security/notices/USN-4432-1
generic_textual	Medium	https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/GRUB2SecureBootBypass
generic_textual	Medium	https://www.eclypsium.com/2020/07/29/theres-a-hole-in-the-boot/
generic_textual	Medium	https://www.openwall.com/lists/oss-security/2020/07/29/3

System

Score

Found at

generic_textual

Medium

http://people.canonical.com/~ubuntu-security/cve/2020/CVE-2020-15705.html

rhas

Moderate

https://access.redhat.com/errata/RHSA-2020:3216

rhas

Moderate

https://access.redhat.com/errata/RHSA-2020:3217

rhas

Moderate

https://access.redhat.com/errata/RHSA-2020:3223

rhas

Moderate

https://access.redhat.com/errata/RHSA-2020:3227

rhas

Moderate

https://access.redhat.com/errata/RHSA-2020:3271

rhas

Moderate

https://access.redhat.com/errata/RHSA-2020:3273

rhas

Moderate

https://access.redhat.com/errata/RHSA-2020:3274

rhas

Moderate

https://access.redhat.com/errata/RHSA-2020:3275

rhas

Moderate

https://access.redhat.com/errata/RHSA-2020:3276

cvssv3

6.4

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15705.json

epss

0.00019

https://api.first.org/data/v1/epss?cve=CVE-2020-15705

epss

0.00019

https://api.first.org/data/v1/epss?cve=CVE-2020-15705

epss

0.00019

https://api.first.org/data/v1/epss?cve=CVE-2020-15705

epss

0.00019

https://api.first.org/data/v1/epss?cve=CVE-2020-15705

epss

0.00019

https://api.first.org/data/v1/epss?cve=CVE-2020-15705

epss

0.00019

https://api.first.org/data/v1/epss?cve=CVE-2020-15705

epss

0.00019

https://api.first.org/data/v1/epss?cve=CVE-2020-15705

epss

0.00019

https://api.first.org/data/v1/epss?cve=CVE-2020-15705

epss

0.00019

https://api.first.org/data/v1/epss?cve=CVE-2020-15705

epss

0.00019

https://api.first.org/data/v1/epss?cve=CVE-2020-15705

epss

0.00019

https://api.first.org/data/v1/epss?cve=CVE-2020-15705

epss

0.00019

https://api.first.org/data/v1/epss?cve=CVE-2020-15705

epss

0.00019

https://api.first.org/data/v1/epss?cve=CVE-2020-15705

epss

0.00019

https://api.first.org/data/v1/epss?cve=CVE-2020-15705

epss

0.00019

https://api.first.org/data/v1/epss?cve=CVE-2020-15705

epss

0.00019

https://api.first.org/data/v1/epss?cve=CVE-2020-15705

epss

0.00019

https://api.first.org/data/v1/epss?cve=CVE-2020-15705

epss

0.00019

https://api.first.org/data/v1/epss?cve=CVE-2020-15705

epss

0.00019

https://api.first.org/data/v1/epss?cve=CVE-2020-15705

epss

0.00019

https://api.first.org/data/v1/epss?cve=CVE-2020-15705

epss

0.00019

https://api.first.org/data/v1/epss?cve=CVE-2020-15705

epss

0.00019

https://api.first.org/data/v1/epss?cve=CVE-2020-15705

epss

0.00019

https://api.first.org/data/v1/epss?cve=CVE-2020-15705

epss

0.00019

https://api.first.org/data/v1/epss?cve=CVE-2020-15705

epss

0.00019

https://api.first.org/data/v1/epss?cve=CVE-2020-15705

epss

0.00019

https://api.first.org/data/v1/epss?cve=CVE-2020-15705

epss

0.00019

https://api.first.org/data/v1/epss?cve=CVE-2020-15705

epss

0.00019

https://api.first.org/data/v1/epss?cve=CVE-2020-15705

epss

0.00019

https://api.first.org/data/v1/epss?cve=CVE-2020-15705

epss

0.00019

https://api.first.org/data/v1/epss?cve=CVE-2020-15705

epss

0.00019

https://api.first.org/data/v1/epss?cve=CVE-2020-15705

epss

0.00019

https://api.first.org/data/v1/epss?cve=CVE-2020-15705

epss

0.00019

https://api.first.org/data/v1/epss?cve=CVE-2020-15705

epss

0.00019

https://api.first.org/data/v1/epss?cve=CVE-2020-15705

epss

0.00019

https://api.first.org/data/v1/epss?cve=CVE-2020-15705

epss

0.00019

https://api.first.org/data/v1/epss?cve=CVE-2020-15705

epss

0.00019

https://api.first.org/data/v1/epss?cve=CVE-2020-15705

epss

0.00019

https://api.first.org/data/v1/epss?cve=CVE-2020-15705

epss

0.00019

https://api.first.org/data/v1/epss?cve=CVE-2020-15705

epss

0.00019

https://api.first.org/data/v1/epss?cve=CVE-2020-15705

epss

0.00019

https://api.first.org/data/v1/epss?cve=CVE-2020-15705

epss

0.00019

https://api.first.org/data/v1/epss?cve=CVE-2020-15705

epss

0.00019

https://api.first.org/data/v1/epss?cve=CVE-2020-15705

epss

0.00019

https://api.first.org/data/v1/epss?cve=CVE-2020-15705

epss

0.00019

https://api.first.org/data/v1/epss?cve=CVE-2020-15705

epss

0.00024

https://api.first.org/data/v1/epss?cve=CVE-2020-15705

epss

0.00024

https://api.first.org/data/v1/epss?cve=CVE-2020-15705

epss

0.00024

https://api.first.org/data/v1/epss?cve=CVE-2020-15705

epss

0.00024

https://api.first.org/data/v1/epss?cve=CVE-2020-15705

epss

0.00024

https://api.first.org/data/v1/epss?cve=CVE-2020-15705

epss

0.00024

https://api.first.org/data/v1/epss?cve=CVE-2020-15705

epss

0.00024

https://api.first.org/data/v1/epss?cve=CVE-2020-15705

epss

0.00024

https://api.first.org/data/v1/epss?cve=CVE-2020-15705

epss

0.00024

https://api.first.org/data/v1/epss?cve=CVE-2020-15705

epss

0.00024

https://api.first.org/data/v1/epss?cve=CVE-2020-15705

epss

0.00024

https://api.first.org/data/v1/epss?cve=CVE-2020-15705

epss

0.00024

https://api.first.org/data/v1/epss?cve=CVE-2020-15705

epss

0.00024

https://api.first.org/data/v1/epss?cve=CVE-2020-15705

epss

0.00024

https://api.first.org/data/v1/epss?cve=CVE-2020-15705

epss

0.00024

https://api.first.org/data/v1/epss?cve=CVE-2020-15705

epss

0.00024

https://api.first.org/data/v1/epss?cve=CVE-2020-15705

epss

0.00024

https://api.first.org/data/v1/epss?cve=CVE-2020-15705

epss

0.00024

https://api.first.org/data/v1/epss?cve=CVE-2020-15705

epss

0.00024

https://api.first.org/data/v1/epss?cve=CVE-2020-15705

epss

0.00024

https://api.first.org/data/v1/epss?cve=CVE-2020-15705

epss

0.00024

https://api.first.org/data/v1/epss?cve=CVE-2020-15705

epss

0.00024

https://api.first.org/data/v1/epss?cve=CVE-2020-15705

epss

0.00024

https://api.first.org/data/v1/epss?cve=CVE-2020-15705

epss

0.00024

https://api.first.org/data/v1/epss?cve=CVE-2020-15705

epss

0.00028

https://api.first.org/data/v1/epss?cve=CVE-2020-15705

epss

0.00070

https://api.first.org/data/v1/epss?cve=CVE-2020-15705

epss

0.00070

https://api.first.org/data/v1/epss?cve=CVE-2020-15705

epss

0.00070

https://api.first.org/data/v1/epss?cve=CVE-2020-15705

epss

0.00070

https://api.first.org/data/v1/epss?cve=CVE-2020-15705

epss

0.00070

https://api.first.org/data/v1/epss?cve=CVE-2020-15705

epss

0.00070

https://api.first.org/data/v1/epss?cve=CVE-2020-15705

epss

0.00070

https://api.first.org/data/v1/epss?cve=CVE-2020-15705

epss

0.00070

https://api.first.org/data/v1/epss?cve=CVE-2020-15705

epss

0.00100

https://api.first.org/data/v1/epss?cve=CVE-2020-15705

epss

0.00100

https://api.first.org/data/v1/epss?cve=CVE-2020-15705

epss

0.00100

https://api.first.org/data/v1/epss?cve=CVE-2020-15705

epss

0.00105

https://api.first.org/data/v1/epss?cve=CVE-2020-15705

epss

0.00105

https://api.first.org/data/v1/epss?cve=CVE-2020-15705

epss

0.00105

https://api.first.org/data/v1/epss?cve=CVE-2020-15705

epss

0.00105

https://api.first.org/data/v1/epss?cve=CVE-2020-15705

rhbs

medium

https://bugzilla.redhat.com/show_bug.cgi?id=1860978

generic_textual

Medium

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15705

cvssv3.1

7.8

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

generic_textual

Medium

https://lists.gnu.org/archive/html/grub-devel/2020-07/msg00034.html

cvssv2

4.4

https://nvd.nist.gov/vuln/detail/CVE-2020-15705

cvssv3

6.4

https://nvd.nist.gov/vuln/detail/CVE-2020-15705

cvssv3.1

6.4

https://nvd.nist.gov/vuln/detail/CVE-2020-15705

generic_textual

Medium

https://ubuntu.com/security/notices/USN-4432-1

generic_textual

Medium

https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/GRUB2SecureBootBypass

generic_textual

Medium

https://www.eclypsium.com/2020/07/29/theres-a-hole-in-the-boot/

generic_textual

Medium

https://www.openwall.com/lists/oss-security/2020/07/29/3

Reference id	Reference type	URL
		http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00067.html
		http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00069.html
		http://people.canonical.com/~ubuntu-security/cve/2020/CVE-2020-15705.html
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15705.json
		https://access.redhat.com/security/vulnerabilities/grub2bootloader
		https://api.first.org/data/v1/epss?cve=CVE-2020-15705
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15705
		https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
		https://lists.gnu.org/archive/html/grub-devel/2020-07/msg00034.html
		https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV200011
		https://security.gentoo.org/glsa/202104-05
		https://security.netapp.com/advisory/ntap-20200731-0008/
		https://ubuntu.com/security/notices/USN-4432-1
		https://usn.ubuntu.com/4432-1/
		https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/GRUB2SecureBootBypass
		https://www.debian.org/security/2020-GRUB-UEFI-SecureBoot
		https://www.eclypsium.com/2020/07/29/theres-a-hole-in-the-boot/
		https://www.openwall.com/lists/oss-security/2020/07/29/3
		https://www.suse.com/c/suse-addresses-grub2-secure-boot-issue/
		https://www.suse.com/support/kb/doc/?id=000019673
		http://ubuntu.com/security/notices/USN-4432-1
		http://www.openwall.com/lists/oss-security/2020/07/29/3
		http://www.openwall.com/lists/oss-security/2021/03/02/3
		http://www.openwall.com/lists/oss-security/2021/09/17/2
		http://www.openwall.com/lists/oss-security/2021/09/17/4
		http://www.openwall.com/lists/oss-security/2021/09/21/1
1860978		https://bugzilla.redhat.com/show_bug.cgi?id=1860978
cpe:2.3:a:gnu:grub2::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:grub2::::::::
cpe:2.3:a:redhat:enterprise_linux_atomic_host:-:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:enterprise_linux_atomic_host:-:::::::*
cpe:2.3:a:redhat:openshift_container_platform:4.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform:4.0:::::::*
cpe:2.3:o:canonical:ubuntu_linux:14.04::::esm:::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::esm:::
cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
cpe:2.3:o:canonical:ubuntu_linux:20.04::::lts:::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:20.04::::lts:::
cpe:2.3:o:debian:debian_linux:10.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:::::::*
cpe:2.3:o:microsoft:windows_10:-:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_10:-:::::::*
cpe:2.3:o:microsoft:windows_10:1607:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_10:1607:::::::*
cpe:2.3:o:microsoft:windows_10:1709:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_10:1709:::::::*
cpe:2.3:o:microsoft:windows_10:1803:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_10:1803:::::::*
cpe:2.3:o:microsoft:windows_10:1809:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_10:1809:::::::*
cpe:2.3:o:microsoft:windows_10:1903:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_10:1903:::::::*
cpe:2.3:o:microsoft:windows_10:1909:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_10:1909:::::::*
cpe:2.3:o:microsoft:windows_10:2004:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_10:2004:::::::*
cpe:2.3:o:microsoft:windows_8.1:-:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_8.1:-:::::::*
cpe:2.3:o:microsoft:windows_rt_8.1:-:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_rt_8.1:-:::::::*
cpe:2.3:o:microsoft:windows_server_2012:-:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2012:-:::::::*
cpe:2.3:o:microsoft:windows_server_2012:r2:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2012:r2:::::::*
cpe:2.3:o:microsoft:windows_server_2016:-:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2016:-:::::::*
cpe:2.3:o:microsoft:windows_server_2016:1903:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2016:1903:::::::*
cpe:2.3:o:microsoft:windows_server_2016:1909:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2016:1909:::::::*
cpe:2.3:o:microsoft:windows_server_2016:2004:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2016:2004:::::::*
cpe:2.3:o:microsoft:windows_server_2019:-:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2019:-:::::::*
cpe:2.3:o:opensuse:leap:15.1:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:::::::*
cpe:2.3:o:opensuse:leap:15.2:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.2:::::::*
cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*
cpe:2.3:o:redhat:enterprise_linux:8.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:::::::*
cpe:2.3:o:suse:suse_linux_enterprise_server:11:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:suse_linux_enterprise_server:11:::::::*
cpe:2.3:o:suse:suse_linux_enterprise_server:12:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:suse_linux_enterprise_server:12:::::::*
cpe:2.3:o:suse:suse_linux_enterprise_server:15:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:suse_linux_enterprise_server:15:::::::*
CVE-2020-15705		https://nvd.nist.gov/vuln/detail/CVE-2020-15705
RHSA-2020:3216		https://access.redhat.com/errata/RHSA-2020:3216
RHSA-2020:3217		https://access.redhat.com/errata/RHSA-2020:3217
RHSA-2020:3223		https://access.redhat.com/errata/RHSA-2020:3223
RHSA-2020:3227		https://access.redhat.com/errata/RHSA-2020:3227
RHSA-2020:3271		https://access.redhat.com/errata/RHSA-2020:3271
RHSA-2020:3273		https://access.redhat.com/errata/RHSA-2020:3273
RHSA-2020:3274		https://access.redhat.com/errata/RHSA-2020:3274
RHSA-2020:3275		https://access.redhat.com/errata/RHSA-2020:3275
RHSA-2020:3276		https://access.redhat.com/errata/RHSA-2020:3276

Reference id

Reference type

URL

http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00067.html

http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00069.html

http://people.canonical.com/~ubuntu-security/cve/2020/CVE-2020-15705.html

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15705.json

https://access.redhat.com/security/vulnerabilities/grub2bootloader

https://api.first.org/data/v1/epss?cve=CVE-2020-15705

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15705

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

https://lists.gnu.org/archive/html/grub-devel/2020-07/msg00034.html

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV200011

https://security.gentoo.org/glsa/202104-05

https://security.netapp.com/advisory/ntap-20200731-0008/

https://ubuntu.com/security/notices/USN-4432-1

https://usn.ubuntu.com/4432-1/

https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/GRUB2SecureBootBypass

https://www.debian.org/security/2020-GRUB-UEFI-SecureBoot

https://www.eclypsium.com/2020/07/29/theres-a-hole-in-the-boot/

https://www.openwall.com/lists/oss-security/2020/07/29/3

https://www.suse.com/c/suse-addresses-grub2-secure-boot-issue/

https://www.suse.com/support/kb/doc/?id=000019673

http://ubuntu.com/security/notices/USN-4432-1

http://www.openwall.com/lists/oss-security/2020/07/29/3

http://www.openwall.com/lists/oss-security/2021/03/02/3

http://www.openwall.com/lists/oss-security/2021/09/17/2

http://www.openwall.com/lists/oss-security/2021/09/17/4

http://www.openwall.com/lists/oss-security/2021/09/21/1

1860978

https://bugzilla.redhat.com/show_bug.cgi?id=1860978

cpe:2.3:a:gnu:grub2:*:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:grub2:*:*:*:*:*:*:*:*

cpe:2.3:a:redhat:enterprise_linux_atomic_host:-:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:enterprise_linux_atomic_host:-:*:*:*:*:*:*:*

cpe:2.3:a:redhat:openshift_container_platform:4.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform:4.0:*:*:*:*:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*

cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_10:2004:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_10:2004:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_server_2016:1903:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2016:1903:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_server_2016:1909:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2016:1909:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_server_2016:2004:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2016:2004:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*

cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*

cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*

cpe:2.3:o:suse:suse_linux_enterprise_server:11:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:suse_linux_enterprise_server:11:*:*:*:*:*:*:*

cpe:2.3:o:suse:suse_linux_enterprise_server:12:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:suse_linux_enterprise_server:12:*:*:*:*:*:*:*

cpe:2.3:o:suse:suse_linux_enterprise_server:15:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:suse_linux_enterprise_server:15:*:*:*:*:*:*:*

CVE-2020-15705

https://nvd.nist.gov/vuln/detail/CVE-2020-15705

RHSA-2020:3216

https://access.redhat.com/errata/RHSA-2020:3216

RHSA-2020:3217

https://access.redhat.com/errata/RHSA-2020:3217

RHSA-2020:3223

https://access.redhat.com/errata/RHSA-2020:3223

RHSA-2020:3227

https://access.redhat.com/errata/RHSA-2020:3227

RHSA-2020:3271

https://access.redhat.com/errata/RHSA-2020:3271

RHSA-2020:3273

https://access.redhat.com/errata/RHSA-2020:3273

RHSA-2020:3274

https://access.redhat.com/errata/RHSA-2020:3274

RHSA-2020:3275

https://access.redhat.com/errata/RHSA-2020:3275

RHSA-2020:3276

https://access.redhat.com/errata/RHSA-2020:3276

Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15705.json

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: AV:L/AC:M/Au:N/C:P/I:P/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2020-15705

Exploitability (E)	Access Vector (AV)	Access Complexity (AC)	Authentication (Au)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
high functional unproven proof_of_concept not_defined	local adjacent_network network	high medium low	multiple single none	none partial complete	none partial complete	none partial complete

Exploitability (E)

Access Vector (AV)

Access Complexity (AC)

Authentication (Au)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

partial

complete

none

partial

complete

none

partial

complete

Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2020-15705

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2020-15705

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Date	Actor	Action	Source	VulnerableCode Version
There are no relevant records.

There are no relevant records.

Vulnerability ID	VCID-hawm-atv4-aaaf
Aliases	CVE-2020-15705
Summary	GRUB2 fails to validate kernel signature when booted directly without shim, allowing secure boot to be bypassed. This only affects systems where the kernel signing certificate has been imported directly into the secure boot database and the GRUB image is booted directly without the use of shim. This issue affects GRUB2 version 2.04 and prior versions.
Status	Published
Exploitability	0.5
Weighted Severity	6.2
Risk	3.1
Affected and Fixed Packages	Package Details

CWE-347	Improper Verification of Cryptographic Signature
CWE-440	Expected Behavior Violation

Percentile	0.02827
EPSS Score	0.00019
Published At	March 28, 2025, 12:55 p.m.