Unrated severityNVD Advisory· Published Feb 26, 2021· Updated Aug 4, 2024
CVE-2020-26200
CVE-2020-26200
Description
A component of Kaspersky custom boot loader allowed loading of untrusted UEFI modules due to insufficient check of their authenticity. This component is incorporated in Kaspersky Rescue Disk (KRD) and was trusted by the Authentication Agent of Full Disk Encryption in Kaspersky Endpoint Security (KES). This issue allowed to bypass the UEFI Secure Boot security feature. An attacker would need physical access to the computer to exploit it. Otherwise, local administrator privileges would be required to modify the boot loader component.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
1- support.kaspersky.com/general/vulnerability.aspxmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.