Vulnerabilites related to horizondatasys - uefi_bootloader
Vulnerability from fkie_nvd
Published
2022-08-26 18:15
Modified
2024-11-21 07:09
Severity ?
Summary
A flaw was found in New Horizon Datasys bootloaders before 2022-06-01. An attacker may use this bootloader to bypass or tamper with Secure Boot protections. In order to load and execute arbitrary code in the pre-boot stage, an attacker simply needs to replace the existing signed bootloader currently in use with this bootloader. Access to the EFI System Partition is required for booting using external media.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| horizondatasys | uefi_bootloader | * | |
| redhat | enterprise_linux | 7.0 | |
| redhat | enterprise_linux | 8.0 | |
| redhat | enterprise_linux | 9.0 | |
| microsoft | windows_10 | - | |
| microsoft | windows_10 | 20h2 | |
| microsoft | windows_10 | 21h1 | |
| microsoft | windows_10 | 21h2 | |
| microsoft | windows_10 | 1607 | |
| microsoft | windows_10 | 1809 | |
| microsoft | windows_11 | - | |
| microsoft | windows_8.1 | - | |
| microsoft | windows_rt_8.1 | - | |
| microsoft | windows_server_2012 | - | |
| microsoft | windows_server_2012 | r2 | |
| microsoft | windows_server_2016 | - | |
| microsoft | windows_server_2016 | 20h2 | |
| microsoft | windows_server_2019 | - | |
| microsoft | windows_server_2022 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:horizondatasys:uefi_bootloader:*:*:*:*:*:*:*:*", matchCriteriaId: "8E728322-5DEB-4F51-8D7E-EEB429C982CD", versionEndExcluding: "2022-06-01", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "142AD0DD-4CF3-4D74-9442-459CE3347E3A", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "F4CFF558-3C47-480D-A2F0-BABF26042943", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "7F6FB57C-2BC7-487C-96DD-132683AEB35D", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", matchCriteriaId: "21540673-614A-4D40-8BD7-3F07723803B0", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:*:*", matchCriteriaId: "9E2C378B-1507-4C81-82F6-9F599616845A", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:*:*", matchCriteriaId: "FAE4278F-71A7-43E9-8F79-1CBFAE71D730", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:*:*", matchCriteriaId: "71E65CB9-6DC2-4A90-8C6A-103BEDC99823", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", matchCriteriaId: "E01A4CCA-4C43-46E0-90E6-3E4DBFBACD64", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", matchCriteriaId: "6B8F3DD2-A145-4AF1-8545-CC42892DA3D1", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:*:*", matchCriteriaId: "5200AF17-0458-4315-A9D6-06C8DF67C05B", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", matchCriteriaId: "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", matchCriteriaId: "C6CE5198-C498-4672-AF4C-77AB4BE06C5C", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", matchCriteriaId: "A7DF96F8-BA6A-4780-9CA3-F719B3F81074", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", matchCriteriaId: "DB18C4CE-5917-401E-ACF7-2747084FD36E", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", matchCriteriaId: "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_server_2016:20h2:*:*:*:*:*:*:*", matchCriteriaId: "4A190388-AA82-4504-9D5A-624F23268C9F", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", matchCriteriaId: "DB79EE26-FC32-417D-A49C-A1A63165A968", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", matchCriteriaId: "821614DD-37DD-44E2-A8A4-FE8D23A33C3C", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A flaw was found in New Horizon Datasys bootloaders before 2022-06-01. An attacker may use this bootloader to bypass or tamper with Secure Boot protections. In order to load and execute arbitrary code in the pre-boot stage, an attacker simply needs to replace the existing signed bootloader currently in use with this bootloader. Access to the EFI System Partition is required for booting using external media.", }, { lang: "es", value: "Se ha encontrado un fallo en los cargadores de arranque de New Horizon Datasys versiones anteriores a 01-06-2022. Un atacante puede usar este administrador de arranque para omitir o manipular las protecciones de Secure Boot. Para cargar y ejecutar código arbitrario en la fase de prearranque, un atacante sólo simplemente debe sustituir el administrador de arranque firmado existente que está siendo usado actualmente por este administrador de arranque. Es requerido acceso a la partición del sistema EFI para arrancar usando medios externos.", }, ], id: "CVE-2022-34302", lastModified: "2024-11-21T07:09:15.480", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-08-26T18:15:09.047", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://edk2-docs.gitbook.io/understanding-the-uefi-secure-boot-chain/secure_boot_chain_in_uefi/uefi_secure_boot", }, { source: "cve@mitre.org", url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01001.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "US Government Resource", ], url: "https://www.kb.cert.org/vuls/id/309662", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://edk2-docs.gitbook.io/understanding-the-uefi-secure-boot-chain/secure_boot_chain_in_uefi/uefi_secure_boot", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01001.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "US Government Resource", ], url: "https://www.kb.cert.org/vuls/id/309662", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
cve-2022-34302
Vulnerability from cvelistv5
Published
2022-08-26 00:00
Modified
2024-08-03 09:07
Severity ?
EPSS score ?
Summary
A flaw was found in New Horizon Datasys bootloaders before 2022-06-01. An attacker may use this bootloader to bypass or tamper with Secure Boot protections. In order to load and execute arbitrary code in the pre-boot stage, an attacker simply needs to replace the existing signed bootloader currently in use with this bootloader. Access to the EFI System Partition is required for booting using external media.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T09:07:16.375Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://edk2-docs.gitbook.io/understanding-the-uefi-secure-boot-chain/secure_boot_chain_in_uefi/uefi_secure_boot", }, { tags: [ "x_transferred", ], url: "https://www.kb.cert.org/vuls/id/309662", }, { tags: [ "x_transferred", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01001.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "A flaw was found in New Horizon Datasys bootloaders before 2022-06-01. An attacker may use this bootloader to bypass or tamper with Secure Boot protections. In order to load and execute arbitrary code in the pre-boot stage, an attacker simply needs to replace the existing signed bootloader currently in use with this bootloader. Access to the EFI System Partition is required for booting using external media.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-11-14T19:06:27.663446", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { url: "https://edk2-docs.gitbook.io/understanding-the-uefi-secure-boot-chain/secure_boot_chain_in_uefi/uefi_secure_boot", }, { url: "https://www.kb.cert.org/vuls/id/309662", }, { url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01001.html", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2022-34302", datePublished: "2022-08-26T00:00:00", dateReserved: "2022-06-22T00:00:00", dateUpdated: "2024-08-03T09:07:16.375Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }