New Secure Boot Vulnerability Allows Attackers to Install Malware in PC and Server Boot Processes

Security researchers from Binarly have uncovered a major software vulnerability in the Unified Extensible Firmware Interface (UEFI) ecosystem, specifically impacting the Secure Boot mechanism used by almost all modern PCs and servers.

Dubbed CVE-2025-3052 (BRLY-2025-001), this memory corruption flaw enables attackers to execute unsigned code during the early boot phase, bypassing Secure Boot protections and potentially compromising the entire device.

Technical Background and Vulnerability Details

Modern computers use UEFI firmware as a replacement for older BIOS firmware.

A critical component of UEFI is Secure Boot, a security feature that cryptographically verifies the integrity of the operating system loader before execution.

This ensures only trusted, signed executables can run during the boot process, thwarting efforts by attackers to replace the legitimate OS loader with malware such as bootkits.

Secure Boot relies on two databases:

• db: Contains trusted Authenticode hashes and root certificates.
• dbx: Contains revoked or ...