• 0

CVE-2015-8370: Grub2 Authentication 0-Day  hmarco.org

2015-12-15 23:14:42 in Information Security (InfoSec) by Red Letter Security

"A vulnerability in Grub2 has been found. Versions from 1.98 (December, 2009) to 2.02 (December, 2015) are affected. The vulnerability can be exploited under certain circumstances, allowing local attackers to bypass any kind of authentication (plain or hashed passwords). And so, the attacker may take control of the computer."