CERT /CC has revealed a Secure Boot bypass impacting various vendor-signed UEFI applications. Discovered by ESET researcher Martin Smolar, this vulnerability allows attackers to execute unverified code before the OS loads, undermining Secure Boot's purpose to block untrusted code. Major OEMs signed the affected binaries, enabling firmware to trust them by default, which could lead to severe breaches like persistent platform compromise.
The attack resembles a 'Bring Your Own Vulnerable Driver' (BYOVD) method but leverages signed UEFI applications instead of drivers. Affected vendors include Acer, AMD, ASUS, and others, with patch recommendations including firmware updates and UEFI DBX revisions to mitigate risk.