Researchers from hardware security firm Eclypsium have discovered a vulnerability in three signed third-party Unified Extensible Firmware Interface (UEFI) boot loaders that can be exploited to bypass the UEFI Secure Boot feature.
According to the experts, these three new bootloader vulnerabilities affect most of the devices released over the past 10 years, including x86-64 and ARM-based devices.
The flaws identified by the experts have been rated as:
- CVE-2022-34301 – Eurosoft (UK) Ltd
- CVE-2022-34302 – New Horizon Datasys Inc
- CVE-2022-34303 – CryptoPro Secure Disk for BitLocker
The two CVE-2022-34301 and CVE-2022-34303 are similar in the way they involve signed UEFI shells, the first one the signed shell is esdiags.efi while for the third one (CryptoPro Secure Disk), the shell is Shell_Full.efi.
