.webp)
Binarly CEO Alex Matrosov discusses the LogoFAIL set of vulnerabilities that allow attackers to store malicious logo images either on the EFI System Partition (ESP) or inside unsigned sections of a firmware update. When these images are parsed during boot, the vulnerability can be triggered and an attacker-controlled payload can arbitrarily be executed to hijack the execution flow and bypass security features like Secure Boot, including hardware-based Verified Boot mechanisms (like Intel Boot Guard, AMD Hardware-Validated Boot or ARM TrustZone-based Secure Boot).
