Back to 28: Grub2 Authentication Bypass 0-Day
Description. A vulnerability in Grub2 has been found. Versions from 1.98 (December, 2009) to 2.02 (December, 2015) are affected. The vulnerability can be exploited under certain circumstances, allowing local attackers to bypass any kind of authentication (plain or hashed passwords).
The researchers, Hector Marco and Ismael Ripoll from the Cybersecurity Group at Polytechnic University of Valencia, found that it’s possible to bypass all security of a locked-down Linux machine by exploiting a bug in the Grub2 bootloader. Essentially, hitting backspace 28 times when the machine asks for your username accesses the “Grub rescue shell,” and once there, you can access the computer’s data or install malware. Fortunately, Marco and Ripoll have made an emergency patch to fix the Grub2 vulnerability. Ubuntu, Red Hat, and Debian have all issued patches to fix it as well.
If it says one thing it's that no matter how hardened your network is… physical security is still important.