CVE-2020-26200

26.02.2021, 14:15

A component of Kaspersky custom boot loader allowed loading of untrusted UEFI modules due to insufficient check of their authenticity. This component is incorporated in Kaspersky Rescue Disk (KRD) and was trusted by the Authentication Agent of Full Disk Encryption in Kaspersky Endpoint Security (KES). This issue allowed to bypass the UEFI Secure Boot security feature. An attacker would need physical access to the computer to exploit it. Otherwise, local administrator privileges would be required to modify the boot loader component.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	6.8 MEDIUM	PHYSICAL	LOW	NONE	CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Kaspersky	CNA	---				---
CVE	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 5%

Vendor	Product	Version
kaspersky	endpoint_security	11.0.0
kaspersky	endpoint_security	11.0.1
kaspersky	endpoint_security	11.1.0
kaspersky	rescue_disk	𝑥 < 18.0.11.3

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-287 - Improper Authentication
When an actor claims to have a given identity, the software does not prove or insufficiently proves that the claim is correct.

References

https://support.kaspersky.com/general/vulnerability.aspx?el=12430#170221

https://github.com/CVEProject/cvelist/blob/master/2020/26xxx/CVE-2020-26200.json

https://support.kaspersky.com/general/vulnerability.aspx?el=12430#170221