Header bannerHeader banner

PKfail

The Binarly REsearch team discovered a key leak incident from American Megatrends stemming back to 2018. PKfail involves multiple devices and product lines and enables attackers to gain secure boot access similar to BlackLotus.

Proof of Concept

July 25, 2024

PKfail: Untrusted Platform Keys Undermine Secure Boot on UEFI Ecosystem

The Binarly REsearch team today discloses a key leak incident from American Megatrends stemming back to 2018.

PKfail involves multiple devices and product lines and enables attackers to gain secure boot access similar to BlackLotus. 
July 24, 2024

[BRLY-2024-005] Usage of default test keys leads to complete Secure Boot bypass

The Binarly REsearch Team has found that hundreds of devices use an insecure Platform Key (PK) which represents the root of trust for UEFI Secure Boot.

Get a closer look at Binarly

Our team is available to talk to you about your specific requirements or to give you a full demo