Security Notifications

Secure Boot Vulnerability in Dtbios and BiosFlashShell UEFI Applications

June 10, 2025

CVE-2025-3052
There is a new vulnerability published on June 10, 2025 for a set of Microsoft-signed UEFI applications.

UEFI Application Exploit That Can Bypass Secure Boot

January 16, 2025

CVE-2024-7344
ESET researchers have identified a critical vulnerability that directly compromises UEFI Secure Boot.

BootKitty: First UEFI Bootkit Targeting Linux

November 27, 2024

Security researchers at ESET discovered BootKitty which is the first known UEFI bootkit that targets Linux.

MSI Motherboard SMM Memory Corruption Vulnerability

August 9, 2024

CVE-2024-36877
Certain Micro-Star International (MSI) motherboards have a buffer overflow vulnerability which allows an attacker to execute arbitrary code.

PKfail: Untrusted Platform Keys Undermine Secure Boot on UEFI Ecosystem

July 25, 2024

CVE-2024-8105
The Binarly Research Team recently published a report about the firmware vulnerability PKfail. Because of this vulnerability, certain devices shipped with insecure Platform Keys (PK). These keys are used in a test/development environment and were not intended to be shipped with a production-ready device.

Critical Vulnerability in Linux XZ Utils Library

April 15, 2024

CVE-2024-3094 | CISA Alert | Ubuntu Alert
On March 28th, 2024, it was discovered that a sophisticated social engineering attack introduced a backdoor in the XZ Utils library, which provides data compression and decompression services and is included in many Linux distributions.

WHO WE SERVE

THE FIRMGUARD PLATFORM

SecureCheck

SecureConfig

SecureUpdate

SecureWipe

SecureReimage

SecureSense

SecureBeat

FIRMGUARD CASE STUDY

RESOURCES

FEATURED ON THE BLOG