CVE-2020-26200

Summary

A component of Kaspersky custom boot loader allowed loading of untrusted UEFI modules due to insufficient check of their authenticity. This component is incorporated in Kaspersky Rescue Disk (KRD) and was trusted by the Authentication Agent of Full Disk Encryption in Kaspersky Endpoint Security (KES). This issue allowed to bypass the UEFI Secure Boot security feature. An attacker would need physical access to the computer to exploit it. Otherwise, local administrator privileges would be required to modify the boot loader component.

Affected Software

VendorProductVersion RangeStatus
N/AKaspersky Rescue Disk VersionAll versions prior to 18.0.11.3 (patch C)affected
N/AKaspersky Endpoint Security with the Full Disk Encryption component installed10 SP2 MR2affected
N/AKaspersky Endpoint Security with the Full Disk Encryption component installed10 SP2 MR3affected
N/AKaspersky Endpoint Security with the Full Disk Encryption component installed11.0.0affected
N/AKaspersky Endpoint Security with the Full Disk Encryption component installed11.0.1affected
N/AKaspersky Endpoint Security with the Full Disk Encryption component installed11.1.0affected

Weaknesses

  • Bypass

ADP Enrichment

CVE Program Container

Additional References

References