[Bug 1819426] CVE-2019-9436 kernel: secure boot bypass in bootloader leads to local privilege escalation

Author:



A vulnerability was found the bootloader in Kernel where there is a possible secure boot bypass. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. References:

Created kernel tracking bugs for this issue: Affects:….



Source link

Write a comment:
*

Your email address will not be published.

RELATED STORIES
vamtam-theme-circle-post
Category Product Vulnerabilities

Ransomware : une attaque suspectée d’avoir provoqué un décès en Allemagne

September 18, 2020
Les autorités allemandes enquêtent sur la mort d’un patient à la suite d’une attaque...
Read More
vamtam-theme-circle-post
Category Product Vulnerabilities

Kritische Schadcode-Lücke in Trend Micro ServerProtect bedroht Linux

September 17, 2020
Damit keine Malware auf Linux-Servern landet, sollten Admins die eigentlich schützende Software ServerProtect for Linux...
Read More
vamtam-theme-circle-post
Category Product Vulnerabilities

"Zerologon": Neu entdeckte Windows-Schwachstelle macht Angreifer sofort zu Admins

September 16, 2020
Forscher des Unternehmens Secura haben eine neue Schwachstelle in Microsofts Windows-Betriebssystem entdeckt und auch gleich...
Read More
Category Product Vulnerabilities

NetLogon特权提升漏洞风险通告更新:漏洞详情和验证脚本已公开

September 15, 2020
漏洞描述. 资讯 9月14日,腾讯安全威胁情报中心注意到有国外安全厂商将NetLogon特权提升漏洞(CVE-2020-1472)的漏洞技术分析和验证脚本公开上传到github,该漏洞高度危险,漏洞利用代码公开意味着大规模的漏洞利用将很快到来。 编号为CVE-2020-1472的NetLogon特权提升漏洞,是微软8月份发布例行安全公告时披露的,该漏洞评分为10分,为严重等级,即影响面广,漏洞利用后果严重。腾讯安全威胁情报中心在8月12日当天曾经发文提醒企业用户高度关注。 当攻击者使用 Netlogon 远程协议 (MS-NRPC) 建立与域控制器连接的易受攻击的 Netlogon…. Source link
Read More
vamtam-theme-circle-post
Category Product Vulnerabilities

Новости информационной безопасности

September 14, 2020
Это первая статья из серии переводов стандарта Application Security Verification Standard 4.0, который был разработан...
Read More
vamtam-theme-circle-post
Category Product Vulnerabilities

云安全日报200903:友讯(D-Link)云计算摄影机发现重要漏洞,需要尽快升级

September 13, 2020
原标题:云安全日报200903:友讯(D-Link)云计算摄影机发现重要漏洞,需要尽快升级. 随着科学技术的发展,互联网正以飞快的速度进入千家万户。对于许多人来说,都希望通过安装“智能”摄像头,来提高家庭或办公室的安全性。一旦这些设备直接连接到互联网,只需点击几下,用户就可以轻松查看他们的监控视频流。然而,如果摄像头受到安全漏洞的影响,那么这种“便利性”将很快变成薄弱点,会给未经授权的攻击者打开大门。根据友讯(D-Link)官方安全公告显示,友讯网络摄影机爆出重要漏洞。以下是漏洞详情: 漏洞详情. 来源: https://supportannouncement.us.dlink.com/announcement/publication. Source link
Read More
Category Product Vulnerabilities

【安全通报】PAN-OS远程代码执行漏洞(CVE-2020-2040)通告

September 12, 2020
近日,白帽汇安全研究院监测到Palo Alto Networks(PAN)发布安全公告,披露了一个编号为CVE-2020-2040的严重漏洞,CVSS评分为9.8。该漏洞是PAN-OS上的一个缓冲区溢出漏洞,当启用了强制门户或配置了多重身份验证(MFA)时,未经身份验证的攻击者可通过向Captive Portal或Multi-Factor Authentication接口发送恶意请求进行利用,可能导致系统进程中断,并允许使用root特权在PAN-OS设备上执行任意代码。此漏洞利用难度低,且无需用户交互,请相关用户尽快采取措施进行防护。 PAN-OS是一个运行在Palo Alto…. Source link
Read More
vamtam-theme-circle-post
Category Product Vulnerabilities

CVE-2020-24164 – Alert Detail – Security Database

September 11, 2020
Executive Summary This vulnerability is currently undergoing analysis and not all information is available. Please...
Read More
vamtam-theme-circle-post
Category Product Vulnerabilities

Positive Technologies: уязвимости в PAN-OS могли угрожать безопасности внутренних сетей

September 10, 2020
10.09.2020, Чт, 14:28, Мск Palo Alto Networks устранила уязвимости в PAN-OS, операционной системе, использующейся межсетевыми...
Read More
vamtam-theme-circle-post
Category Product Vulnerabilities

Patchday: Angreifer könnten unberechtigt auf SAP-Software zugreifen

September 9, 2020
Angreifer könnten Systeme mit Software von SAP attackieren und im schlimmsten Fall eigenen Code ausführen....
Read More
digitpol
scale
element-support
Call Center
+31 55 8448040
element-map
Location

Global

International Cyber Crime Investigation

Digitpol is licensed by the Ministry of Justice: Licence Number POB1557

©Digitpol. All images and content are copyright of Digitpol and can not be used, replicated or reproduced without written permission. 2019.

Privacy  /   Terms and Policy   /   Site map  /   Contact