8.2 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
7.2 High
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.001 Low
EPSS
Percentile
48.3%
GRUB2 as used by IBM QRadar SIEM is vulnerable to arbitrary code execution
CVEID:CVE-2021-20225
**DESCRIPTION:**GNU GRUB2 could allow a local authenticated attacker to execute arbitrary code on the system, caused by a heap out-of-bounds write flaw in the short form option parser. By sending specially-crafted commands, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/197608 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H)
CVEID:CVE-2020-25632
**DESCRIPTION:**GNU GRUB2 could allow a local authenticated attacker to execute arbitrary code on the system, caused by a use-after-free flaw in the rmmod implementation. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code and bypass Secure Boot protections.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/197604 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H)
CVEID:CVE-2021-20233
**DESCRIPTION:**GNU GRUB2 could allow a local authenticated attacker to execute arbitrary code on the system, caused by a heap out-of-bounds write flaw due to miscalculation of space required for quoting. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/197616 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H)
CVEID:CVE-2020-25647
**DESCRIPTION:**GNU GRUB2 could allow a physical authenticated attacker to execute arbitrary code on the system, caused by an out-of-bound write flaw in the grub_usb_device_initialize function. By using a specially-crafted USB device, an attacker could exploit this vulnerability to execute arbitrary code and bypass Secure Boot protections.
CVSS Base score: 6.9
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/197605 for the current score.
CVSS Vector: (CVSS:3.0/AV:P/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H)
CVEID:CVE-2021-3418
**DESCRIPTION:**GNU GRUB2 could allow a local authenticated attacker to bypass security restrictions, caused by improper validation of kernel signature when booted directly without shim. By sending a specially-crafted request, an attacker could exploit this vulnerability to bypass secure boot to boot any kernel.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/197617 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H)
CVEID:CVE-2020-27749
**DESCRIPTION:**GNU GRUB2 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking by the rub_parser_split_cmdline function. By sending a specially-crafted request, a local authenticated attacker could overflow a buffer and execute arbitrary code and bypass Secure Boot protections.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/197606 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H)
CVEID:CVE-2020-14372
**DESCRIPTION:**GNU GRUB2 could allow a local authenticated attacker to execute arbitrary code on the system, caused by improper input validation by the acpi command. By using specially-crafted ACPI tables, an attacker could exploit this vulnerability to load unsigned kernel modules and execute arbitrary kexec unsigned on the system.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/197603 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H)
CVEID:CVE-2020-27779
**DESCRIPTION:**GNU GRUB2 could allow a local authenticated attacker to bypass security restrictions, caused by the failure to honor Secure Boot locking in the cutmem command. By sending a specially-crafted request, an attacker could exploit this vulnerability to remove address ranges from memory and bypass Secure Boot protections.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/197607 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H)
IBM QRadar SIEM 7.3.0 to 7.3.3 Patch 8
IBM QRadar SIEM 7.4.0 to 7.4.3 GA
QRadar / QRM / QVM / QRIF / QNI 7.3.3 Patch 9
QRadar / QRM / QVM / QRIF / QNI 7.4.3 Patch 1
None
CPE | Name | Operator | Version |
---|---|---|---|
ibm qradar siem | eq | 7.3 | |
ibm qradar siem | eq | 7.4 |
8.2 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
7.2 High
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.001 Low
EPSS
Percentile
48.3%