June 14, 2025 at 08:14PM

💧🌊 Hydroph0bia (CVE-2025-4275) – a trivial SecureBoot bypass for UEFI-compatible firmware based on Insyde H2O.

Secure Boot bypass for laptops, embedded and medical devices, and car ECUs: technical details and exploit. Yesterday, security researcher Nikolaj Schlej shared a new and quite effective (even trivial) way to bypass Secure Boot in Insyde H2O UEFI BIOS. The author named the vulnerability, CVE-2025-4275, Hydroph0bia. Most ARM-based laptops from Acer, HP, Lenovo, Huawei, Samsung, and Dell use this BIOS and are therefore affected. The product has also been ported to multiple systems for IoT, SCADA, and critical infrastructure. Insyde H2O continuously presents its solutions for communication devices, robotics, and manufacturing equipment. Car components, as well as other areas of digital mobility (aviation, maritime, and railroad), also use Insyde H2O Secure Boot as part of ARM-based and other UEFI-compatible systems. So check your SBOMs and make sure your product is not affected.

https://coderush.me/hydroph0bia-part1/

https://coderush.me/hydroph0bia-part2/