Vulnerable DTResearch UEFI firmware applications can be used in BYOVD attacks to bypass Secure Boot.
June 11, 2025 By Eduard Kovacs
Vulnerable UEFI firmware applications from DTResearch, a company that makes rugged tablets, laptops and other industrial computers, can be leveraged to bypass Secure Boot on many devices.
The vulnerability, tracked as CVE-2025-3052, was disclosed on Tuesday by CERT/CC and Binarly, the firmware security firm whose researchers discovered the issue.
Binarly researchers found that two UEFI applications made by DTResearch and signed with Microsoft’s third-party UEFI certificate are affected by a vulnerability that can be exploited using specially crafted NVRAM variables, which store configuration, device customization, and runtime context data that needs to persist across reboots of the device.
An attacker who has access to the targeted system can exploit CVE-2025-3052 — through a Bring Your Own Vulnerable Driver (BYOVD) attack — to modify a specific NVRAM variable that enables a bypass of Secure Boot during the boot process.
