Eclypsium researchers have discovered an arbitrary code execution vulnerability - dubbed BootHole - in the GRUB2 bootloader that can bypass UEFI and OS Secure Boot, impacting other OS defenses. The vulnerability has been rated as High Severity (CVSS 8.2) and is being tracked as CVE-2020-10713. Attackers exploiting this vulnerability can install persistent and stealthy bootkits or malicious bootloaders that could give them near-total control over the victim device. The majority of laptops, desktops, servers and workstations are affected, as well as network appliances and other special purpose equipment used in industrial, healthcare, financial and other industries.
In this webinar Yuriy Bulygin, CEO and John Loucaides, VP of Research and Development at Eclypsium, will provide a briefing on the key issues enterprise IT and security leaders need to know in order to effectively mitigate this issue.