Bypass Record
Pre-OS Boot × Insyde H2O UEFI-compatible firmware
A publicly-reported instance of Pre-OS Boot bypassing Insyde H2O UEFI-compatible firmware, recorded with its original source. Factual record; no assessment of any specific deployment.
Mechanism
The attacker generates a self-signed certificate, wraps it in EFI_SIGNATURE_LIST format, and writes it to the non-volatile NVRAM variable 'SecureFlashCertData' while setting 'SecureFlashSetupMode' to 1. This causes the firmware to trust binaries signed with the attacker's certificate as if they were signed by Insyde. During a firmware update, the attacker replaces the legitimate flasher 'isflash.bin' with a malicious one signed with their certificate. The firmware's SecureFlashDxe driver loads and executes this malicious flasher, granting code execution with write access to firmware volumes not protected by Intel BootGuard or a properly configured FlashDeviceMap.
Detection & mitigation
Monitor firmware integrity using hardware root-of-trust attestation (e.g., Intel BootGuard, TPM PCR measurements) and compare against known-good firmware hashes. Enforce strict FlashDeviceMap configurations that prevent runtime DXE volume modification, and audit NVRAM variable changes (especially SecureFlashCertData and SecureFlashSetupMode) via UEFI event logs or endpoint telemetry.
This is a record of a publicly-reported event, not an assessment of any specific organization's deployment. Detection and mitigation notes are drawn from the cited source. Where the source is silent, fields are omitted.