Software Engineering Institute

Overview

Clevo’s UEFI firmware update packages included sensitive private keys used in their Intel Boot Guard implementation. This accidental exposure of the keys could be abused by an attacker to sign malicious firmware using Clevo’s Boot Guard trust chain, potentially compromising the pre-boot UEFI environment on systems where Clevo’s implementation has been adopted.

Description

Intel Boot Guard is a platform integrity technology, providing a root of trust that protects the earliest stages of the boot process. It cryptographically verifies the Initial Boot Block (IBB) and prevents the execution of untrusted firmware. Operating before UEFI is initialized, Boot Guard ensures that only authenticated firmware is executed during the earliest pre-boot stage. Boot Guard is often confused with UEFI Secure Boot, but Secure Boot operates later in the process, enforcing trust within the UEFI firmware execution phase and during the transition from UEFI to the operating system.

Clevo Co. is a computer hardware and firmware manufacturer that operates as both an Original Design Manufacturer (ODM) and an Original Equipment Manufacturer (OEM), producing laptops and UEFI firmware used by various personal computer brands. One of Clevo’s publicly released UEFI software executables included private keys integral to its Boot Guard trust chain. Because Clevo’s firmware is integrated into products from other manufacturers, the exposure may have supply chain implications extending beyond Clevo-branded systems.

Impact

An attacker with write access to flash storage for a system, whether through physical access or a privileged software update mechanism, could abuse the leaked keys to sign and install malicious firmware. Such firmware would be trusted at the early stages that will be protected by Boot Guard, allowing compromise of the affected UEFI systems and thus enabling persistent and stealthy control over the device.

Solution

While Clevo has reportedly removed the affected software containing the leaked keys, no public remediation steps have been announced by Clevo at this time. Users of Clevo-based devices, including those from other OEMs that integrate Clevo firmware, should: * Assess their exposure to affected firmware versions. * Monitor systems for unauthorized firmware modifications. * Apply firmware updates only from verified and trusted sources.

Acknowledgements

This issue was responsibly disclosed by the Binarly Research Team, with initial reporting by Thierry Laurion. This document was written by Vijay Sarvepalli.

Vendor Information

References

• https://www.binarly.io/advisories/brly-2025-002
• https://hardenedlinux.org/blog/2023-09-07-boot-unguarded-x86-trust-anchor-downfalls-to-the-leaked-oem-internal-tools-and-signing-keys
• https://tianocore-docs.github.io/EDK_II_Secure_Coding_Guide/draft/secure_coding_guidelines_intel_platforms/intel_boot_guard.html
• https://www.binarly.io/blog/clevo-boot-guard-keys-leaked-in-update-package