{"document":{"acknowledgments":[{"urls":["https://kb.cert.org/vuls/id/806555#acknowledgements"]}],"category":"CERT/CC Vulnerability Note","csaf_version":"2.0","notes":[{"category":"summary","text":"### Overview\r\n\r\nUEFI firmware applications `DTBios` and `BiosFlashShell` from [DTResearch](https://dtresearch.com) contain a vulnerability that allows Secure Boot to be bypassed using a specially crafted NVRAM variable. The vulnerability stems from improper handling of a runtime NVRAM variable that enables an arbitrary write primitive, capable of modifying critical firmware structures, including the global Security2 Architectural Protocol used for Secure Boot verification. Because the affected applications are signed by the Microsoft UEFI Certificate Authority, this vulnerability can be exploited on any UEFI-compliant system, allowing unsigned code to run during the boot process.\r\n\r\n### Description\r\n\r\n[Unified Extensible Firmware Interface (UEFI)](https://uefi.org/) defines a modern firmware architecture that facilitates interaction between a computer’s hardware and its operating system during early boot. When a UEFI-compliant system starts, UEFI applications and drivers are executed to initialize the system and hand off control to the operating system (OS) loader. These UEFI applications must be signed and verified for execution under Secure Boot. These signatures can originate from the OEM or from entries in the system’s signature database (DB), which commonly includes the Microsoft UEFI Certificate Authority (CA).\r\n\r\nUEFI defines extensible NVRAM variables that store configuration, device customization, and runtime context shared across UEFI applications and the operating system. A vulnerability was identified in a Microsoft-signed UEFI application that uses the NVRAM variable `IhisiParamBuffer` as a pointer for memory operations, including overwriting the critical global security parameter `gSecurity2`. 
This allows bypassing [Security2 Architectural Protocol](https://uefi.org/specs/PI/1.8A/V2_DXE_Architectural_Protocols.html#security2-architectural-protocol)-based verification, enabling the execution of any unsigned UEFI binaries irrespective of UEFI Secure Boot settings.\r\n\r\nIn some implementations, `IhisiParamBuffer` is locked early during boot, preventing modification at runtime. However, as [Binarly](https://binarly.io) observed, the vulnerability can be exploited in environments where the `IhisiParamBuffer` NVRAM variable is not locked and remains writable at runtime. In such cases, attackers can bring and execute the vulnerable UEFI application even on systems with Secure Boot enabled—using a [Bring Your Own Vulnerable Driver (BYOVD)](https://techcommunity.microsoft.com/blog/microsoftsecurityexperts/strategies-to-monitor-and-prevent-vulnerable-driver-attacks/4103985) approach. Initially, the vulnerability was reported on DTResearch's DTBios application version 71.22 for 64-bit architecture; however, Microsoft has further identified that this vulnerability is present in both DTBios and BiosFlashShell on multiple versions. A total of 14 hashes have been added to the Forbidden Signature Database [(DBX or Revocation List)](https://uefi.org/revocationlistfile) to address these various binaries.\r\n\r\nTo mitigate this vulnerability, affected UEFI modules must be updated via vendor-provided software. Additionally, all UEFI-compliant system owners should update their Secure Boot Forbidden Signature Database [(DBX or Revocation List)](https://uefi.org/revocationlistfile), which is available via OEM updates, Microsoft, or the [Linux Vendor Firmware Service (LVFS)](https://fwupd.org).\r\n\r\n### Impact\r\n\r\nAn attacker with the ability to modify the `IhisiParamBuffer` NVRAM variable can use it to perform arbitrary memory writes, enabling a Secure Boot bypass during early boot. 
This allows unsigned or malicious code to run before the OS loads, potentially installing persistent malware or kernel rootkits that survive reboots and OS reinstallations. Because this attack occurs before OS-level security tools initialize, it can evade detection by endpoint detection and response (EDR) systems. In some cases, it can even entirely disable EDR systems by modifying low-level interfaces before they load.\r\n\r\n### Solution\r\n\r\n#### Apply a Patch\r\n\r\nMultiple vendors have released software updates to address this vulnerability and prevent potential exploitation. Please refer to the `Vendor Information` section for applicable updates. Microsoft has also indicated they will release an updated DBX (Revocation List) file to prevent vulnerable components from being executed under Secure Boot. Windows users can further use [Check-UEFISecureBootVariables](https://github.com/cjee21/Check-UEFISecureBootVariables) PowerShell scripts to verify whether the latest DBX updates can be applied. For Linux users, LVFS has released a [blog article](https://blogs.gnome.org/hughsie/2020/08/17/updating-secure-boot-dbx-with-fwupd-and-the-lvfs/) to detail revocation list updates through the Linux tools provided by the fwupd project.\r\n\r\n#### Recommendations for Enterprises and Developers\r\n\r\nChanges to the DBX (Forbidden Signature Database) may cause system boot failures if not carefully managed. Vendors should thoroughly test updates to ensure system stability. In some cases, it may be necessary to update the DB (Signature Database) **before** updating the DBX, as described in Microsoft’s [KB5025885](https://support.microsoft.com/en-us/topic/how-to-manage-the-windows-boot-manager-revocations-for-secure-boot-changes-associated-with-cve-2023-24932-41a975df-beb2-40c1-99a3-b3ff139f832d). 
Enterprises and cloud providers managing broad deployments of systems should prioritize these updates and confirm DBX revocation is enforced, particularly in virtualized environments, to block unauthorized UEFI binaries during early boot phases.\r\n\r\n### Acknowledgements\r\n\r\nThanks to Binarly REsearch team for the responsible disclosure of this vulnerability to CERT/CC. Thanks also to Microsoft and various vendors for their collaboration and timely response. This document was written by Vijay Sarvepalli.","title":"Summary"},{"category":"legal_disclaimer","text":"THIS DOCUMENT IS PROVIDED ON AN 'AS IS' BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. ","title":"Legal Disclaimer"},{"category":"other","text":"CERT/CC Vulnerability Note is a limited advisory. It primarily identifies vendors impacted by the advisory and not specific products. We only support \"known_affected\" and \"known_not_affected\" status. Please consult the vendor's statements and advisory URL if provided by the vendor for more details ","title":"Limitations of Advisory"},{"category":"other","text":"AMI does not directly distribute any of the affected EFI applications. However, once the DBX update is made available on https://github.com/microsoft/secureboot_objects, AMI will execute their standard DBX integration workflow which results in AMI releasing secure boot implementations with the latest DBX updates.","title":"Vendor statement from American Megatrends Incorporated (AMI)"},{"category":"other","text":"We have validated that our Kernels, versions 5.4 - 5.7, are not affected. We tested by writing an application that attempts to directly write to the variable indicated (and a number of others) from under the OS. This does not preclude any chained vulnerabilities at this time. 
We are now working with our customers to validate their products as well.","title":"Vendor statement from Insyde Software Corporation"},{"category":"other","text":"Since this potential vulnerability is not believed to be due to a UEFI specification issue, the UEFI Forum and its security response team are not affected. We will continue to monitor the issue and provide assistance where applicable.","title":"Vendor statement from UEFI Security Response Team"},{"category":"other","text":"Following a review with the internal development team, it has been confirmed that the vulnerability does not affect ASUS products.","title":"Vendor statement from ASUSTeK Computer Inc."},{"category":"other","text":"Red Hat does not directly ship any of the affected EFI applications. However, once the DBX update is made available, administrators will need to deploy the updated DBX on UEFI systems in order to prevent the vulnerable applications from being loaded.","title":"Vendor statement from Red Hat"},{"category":"other","text":"Gigabyte’s Clevo-based models use Insyde BIOS.\r\nUpon investigation, the issue has been identified as related to the MSFT DBX. It requires an update to the MSFT DBX key.\r\nA new BIOS version addressing this issue was released on June 11, 2025.\r\nAll subsequent BIOS versions will include the updated DBX key, and the issue can be resolved by updating the BIOS.","title":"Vendor statement from GIGABYTE"},{"category":"other","text":"The signed tool (DTBIOS/BIOSFlashShell) is meant to be only used on DT Research's platforms with Insyde BIOS. As mentioned by Insyde, “Insyde has already fixed this bug some time ago by locking the IhisiParamBuffer variable,” this tool will not be vulnerable on DT Research's platform. 
Furthermore, we agreed to revoke all Microsoft-signed binaries, to make sure these binaries will not be executed on any other platforms from other vendors.","title":"Vendor statement from DT Research"}],"publisher":{"category":"coordinator","contact_details":"Email: cert@cert.org, Phone: +1412 268 5800","issuing_authority":"CERT/CC under DHS/CISA https://www.cisa.gov/cybersecurity also see https://kb.cert.org/ ","name":"CERT/CC","namespace":"https://kb.cert.org/"},"references":[{"url":"https://certcc.github.io/certcc_disclosure_policy","summary":"CERT/CC vulnerability disclosure policy"},{"summary":"CERT/CC document released","category":"self","url":"https://kb.cert.org/vuls/id/806555"},{"url":"https://www.binarly.io/advisories/brly-dva-2025-001","summary":"https://www.binarly.io/advisories/brly-dva-2025-001"},{"url":"https://dtresearch.com/blog/2025/07/24/addressing-boot-vulnerability/","summary":"https://dtresearch.com/blog/2025/07/24/addressing-boot-vulnerability/"},{"url":"https://uefi.org/specs/UEFI/2.10/32_Secure_Boot_and_Driver_Signing.html","summary":"https://uefi.org/specs/UEFI/2.10/32_Secure_Boot_and_Driver_Signing.html"},{"url":"https://techcommunity.microsoft.com/blog/windows-itpro-blog/revoking-vulnerable-windows-boot-managers/4121735","summary":"https://techcommunity.microsoft.com/blog/windows-itpro-blog/revoking-vulnerable-windows-boot-managers/4121735"},{"url":"https://kb.cert.org/vuls/id/529659","summary":"https://kb.cert.org/vuls/id/529659"},{"url":"https://insights.sei.cmu.edu/blog/uefi-5-recommendations-for-securing-restoring-trust/","summary":"https://insights.sei.cmu.edu/blog/uefi-5-recommendations-for-securing-restoring-trust/"},{"url":"https://access.redhat.com/security/cve/CVE-2025-3052","summary":"Reference(s) from vendor \"Red Hat\""},{"url":"https://dtresearch.com/blog/2025/07/24/addressing-boot-vulnerability/","summary":"Reference(s) from vendor \"DT Research\""}],"title":"A Vulnerability in UEFI Applications allows for secure boot bypass via 
misused NVRAM variable","tracking":{"current_release_date":"2026-02-13T16:50:48+00:00","generator":{"engine":{"name":"VINCE","version":"3.0.35"}},"id":"VU#806555","initial_release_date":"2025-06-10 19:18:45.784882+00:00","revision_history":[{"date":"2026-02-13T16:50:48+00:00","number":"1.20260213165048.4","summary":"Released on 2026-02-13T16:50:48+00:00"}],"status":"final","version":"1.20260213165048.4"}},"vulnerabilities":[{"title":"An arbitrary write vulnerability in Microsoft signed UEFI firmware allows for code execution of untrusted software.","notes":[{"category":"summary","text":"An arbitrary write vulnerability in Microsoft signed UEFI firmware allows for code execution of untrusted software. This allows an attacker to control its value, leading to arbitrary memory writes, including modification of critical firmware settings stored in NVRAM. Exploiting this vulnerability could enable security bypasses, persistence mechanisms, or full system compromise."}],"cve":"CVE-2025-3052","ids":[{"system_name":"CERT/CC V Identifier ","text":"VU#806555"}],"product_status":{"known_affected":["CSAFPID-489d4e10-371e-11f1-8422-122e2785dc9f","CSAFPID-489e1412-371e-11f1-8422-122e2785dc9f","CSAFPID-489e788a-371e-11f1-8422-122e2785dc9f","CSAFPID-489eb07a-371e-11f1-8422-122e2785dc9f","CSAFPID-489ed9d8-371e-11f1-8422-122e2785dc9f"],"known_not_affected":["CSAFPID-489d1814-371e-11f1-8422-122e2785dc9f","CSAFPID-489d7ad4-371e-11f1-8422-122e2785dc9f","CSAFPID-489da3f6-371e-11f1-8422-122e2785dc9f","CSAFPID-489dd0f6-371e-11f1-8422-122e2785dc9f","CSAFPID-489e48b0-371e-11f1-8422-122e2785dc9f","CSAFPID-489f1dd0-371e-11f1-8422-122e2785dc9f"]}}],"product_tree":{"branches":[{"category":"vendor","name":"Fsas Technologies Europe","product":{"name":"Fsas Technologies Europe Products","product_id":"CSAFPID-489d1814-371e-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"GIGABYTE","product":{"name":"GIGABYTE 
Products","product_id":"CSAFPID-489d4e10-371e-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Insyde Software Corporation","product":{"name":"Insyde Software Corporation Products","product_id":"CSAFPID-489d7ad4-371e-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"UEFI Security Response Team","product":{"name":"UEFI Security Response Team Products","product_id":"CSAFPID-489da3f6-371e-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Intel","product":{"name":"Intel Products","product_id":"CSAFPID-489dd0f6-371e-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Microsoft","product":{"name":"Microsoft Products","product_id":"CSAFPID-489e1412-371e-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"ASUSTeK Computer Inc.","product":{"name":"ASUSTeK Computer Inc. Products","product_id":"CSAFPID-489e48b0-371e-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Red Hat","product":{"name":"Red Hat Products","product_id":"CSAFPID-489e788a-371e-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"DT Research","product":{"name":"DT Research Products","product_id":"CSAFPID-489eb07a-371e-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"LVFS Project","product":{"name":"LVFS Project Products","product_id":"CSAFPID-489ed9d8-371e-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"American Megatrends Incorporated (AMI)","product":{"name":"American Megatrends Incorporated (AMI) Products","product_id":"CSAFPID-489f1dd0-371e-11f1-8422-122e2785dc9f"}}]}}