{"api_version":"1","generated_at":"2026-04-23T04:20:48+00:00","cve":"CVE-2020-10759","urls":{"html":"https://cve.report/CVE-2020-10759","api":"https://cve.report/api/cve/CVE-2020-10759.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2020-10759","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2020-10759"},"summary":{"title":"CVE-2020-10759","description":"A PGP signature bypass flaw was found in fwupd (all versions), which could lead to the installation of unsigned firmware. As per upstream, a signature bypass is theoretically possible, but not practical because the Linux Vendor Firmware Service (LVFS) is either not implemented or enabled in versions of fwupd shipped with Red Hat Enterprise Linux 7 and 8. The highest threat from this vulnerability is to confidentiality and integrity.","state":"PUBLIC","assigner":"secalert@redhat.com","published_at":"2020-09-15 19:15:00","updated_at":"2023-02-12 23:39:00"},"problem_types":["CWE-347"],"metrics":[],"references":[{"url":"https://access.redhat.com/security/cve/CVE-2020-10759","name":"https://access.redhat.com/security/cve/CVE-2020-10759","refsource":"MISC","tags":[],"title":"Red Hat Customer Portal - Access to 24x7 support and knowledge","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/errata/RHSA-2020:4436","name":"https://access.redhat.com/errata/RHSA-2020:4436","refsource":"MISC","tags":[],"title":"Red Hat Customer Portal - Access to 24x7 support and knowledge","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1844316","name":"https://bugzilla.redhat.com/show_bug.cgi?id=1844316","refsource":"MISC","tags":["Issue Tracking","Third Party Advisory"],"title":"1844316 – (CVE-2020-10759) CVE-2020-10759 fwupd: Possible bypass in signature 
verification","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://github.com/justinsteven/advisories/blob/master/2020_fwupd_dangling_s3_bucket_and_CVE-2020-10759_signature_verification_bypass.md","name":"https://github.com/justinsteven/advisories/blob/master/2020_fwupd_dangling_s3_bucket_and_CVE-2020-10759_signature_verification_bypass.md","refsource":"MISC","tags":["Exploit","Third Party Advisory"],"title":"advisories/2020_fwupd_dangling_s3_bucket_and_CVE-2020-10759_signature_verification_bypass.md at master · justinsteven/advisories · GitHub","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2020-10759","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-10759","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2020","cve_id":"10759","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"redhat","cpe5":"enterprise_linux","cpe6":"7.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2020","cve_id":"10759","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"redhat","cpe5":"enterprise_linux","cpe6":"8.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2020","cve_id":"10759","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"redhat","cpe5":"enterprise_linux","cpe6":"7.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2020","cve_id":"10759","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"redhat","cpe5":"enterprise_linux","cpe6":"8.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12"
:"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[{"cve":"CVE-2020-10759","qid":"174879","title":"SUSE Enterprise Linux Security Update for fwupd (SUSE-SU-2021:1107-1)"},{"cve":"CVE-2020-10759","qid":"177933","title":"Debian Security Update for fwupd (DLA 2274-1)"},{"cve":"CVE-2020-10759","qid":"377414","title":"Alibaba Cloud Linux Security Update for fwupd (ALINUX3-SA-2021:0048)"},{"cve":"CVE-2020-10759","qid":"750279","title":"OpenSUSE Security Update for fwupd (openSUSE-SU-2021:0522-1)"},{"cve":"CVE-2020-10759","qid":"940203","title":"AlmaLinux Security Update for gnome-software and fwupd (ALSA-2020:4436)"},{"cve":"CVE-2020-10759","qid":"960378","title":"Rocky Linux Security Update for gnome-software and fwupd (RLSA-2020:4436)"}]},"source_records":{"cve_program":{"data_version":"4.0","data_type":"CVE","data_format":"MITRE","CVE_data_meta":{"ID":"CVE-2020-10759","ASSIGNER":"secalert@redhat.com","STATE":"PUBLIC"},"description":{"description_data":[{"lang":"eng","value":"A PGP signature bypass flaw was found in fwupd (all versions), which could lead to the installation of unsigned firmware. As per upstream, a signature bypass is theoretically possible, but not practical because the Linux Vendor Firmware Service (LVFS) is either not implemented or enabled in versions of fwupd shipped with Red Hat Enterprise Linux 7 and 8. 
The highest threat from this vulnerability is to confidentiality and integrity."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"CWE-347","cweId":"CWE-347"}]}]},"affects":{"vendor":{"vendor_data":[{"vendor_name":"n/a","product":{"product_data":[{"product_name":"fwupd","version":{"version_data":[{"version_affected":"=","version_value":"all versions of fwupd"}]}}]}}]}},"references":{"reference_data":[{"url":"https://github.com/justinsteven/advisories/blob/master/2020_fwupd_dangling_s3_bucket_and_CVE-2020-10759_signature_verification_bypass.md","refsource":"MISC","name":"https://github.com/justinsteven/advisories/blob/master/2020_fwupd_dangling_s3_bucket_and_CVE-2020-10759_signature_verification_bypass.md"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1844316","refsource":"MISC","name":"https://bugzilla.redhat.com/show_bug.cgi?id=1844316"}]}},"nvd":{"publishedDate":"2020-09-15 19:15:00","lastModifiedDate":"2023-02-12 23:39:00","problem_types":["CWE-347"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE","baseScore":6,"baseSeverity":"MEDIUM"},"exploitabilityScore":0.8,"impactScore":5.2},"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:L/AC:M/Au:N/C:P/I:P/A:N","accessVector":"LOCAL","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"NONE","baseScore":3.3},"severity":"LOW","exploitabilityScore":3.4,"impactScore":4.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"c
pe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*","cpe_name":[]}]}]}},"legacy_mitre":{"record":{"CveYear":"2020","CveId":"10759","Ordinal":"171199","Title":"CVE-2020-10759","CVE":"CVE-2020-10759","Year":"2020"},"notes":[{"CveYear":"2020","CveId":"10759","Ordinal":"1","NoteData":"A PGP signature bypass flaw was found in fwupd (all versions), which could lead to the installation of unsigned firmware. As per upstream, a signature bypass is theoretically possible, but not practical because the Linux Vendor Firmware Service (LVFS) is either not implemented or enabled in versions of fwupd shipped with Red Hat Enterprise Linux 7 and 8. The highest threat from this vulnerability is to confidentiality and integrity.","Type":"Description","Title":null},{"CveYear":"2020","CveId":"10759","Ordinal":"2","NoteData":"2020-09-15","Type":"Other","Title":"Published"},{"CveYear":"2020","CveId":"10759","Ordinal":"3","NoteData":"2020-09-15","Type":"Other","Title":"Modified"}]}}}