A vulnerability in DTResearch’s UEFI applications allows attackers to bypass Secure Boot, potentially installing persistent malware. This flaw affects many devices supporting UEFI, emphasizing the importance of supply chain security in firmware. #CVE-2025-3052 #DTResearch #SecureBoot #NVRAM #FirmwareSecurity
Keypoints
- The vulnerability CVE-2025-3052 impacts DTResearch’s UEFI applications signed with a Microsoft certificate.
- Attackers can exploit the flaw using specially crafted NVRAM variables to bypass Secure Boot.
- This security gap enables malicious code execution before the operating system loads, avoiding detection.
- Mitigations have been implemented by Microsoft and other vendors to prevent the loading of affected files.
- The vulnerability is potentially exploitable on most UEFI-supporting devices, except where NVRAM is locked.