New bypass of Secure Boot for laptops, embedded and medical devices, and car ECUs: technical details and exploit. 🛡️💥⛓️💥☢️
Security researcher Nikolaj Schlej yesterday shared a new and quite effective (even trivial) way to bypass Secure Boot in the Insyde H2O UEFI BIOS. The author named the vulnerability, CVE-2025-4275, Hydroph0bia. 🌊
Most ARM-based laptops from Acer, HP, Lenovo, Huawei, Samsung, and Dell use this BIOS and are therefore affected. The product has also been ported to multiple systems for IoT, SCADA, and critical infrastructure, and Insyde H2O is continuously presented as a solution for communication devices, robotics, and manufacturing equipment.
Car components, as well as other areas in digital mobility (aviation, maritime, and railroad), also use Insyde H2O Secure Boot as part of ARM-based and other UEFI-compatible systems.
So - check your SBOMs and make sure your product is not affected. 🏃➡️🏃♀️➡️
More details:
"Hydroph0bia (CVE-2025-4275) - a trivial SecureBoot bypass for UEFI-compatible firmware based on Insyde H2O"
Part 1: https://coderush.me/hydroph0bia-part1/
Part 2: https://coderush.me/hydroph0bia-part2/
GitHub: https://github.com/NikolajSchlej/Hydroph0bia
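One way to do the SBOM check suggested above, as an added example that is not part of the original post or the researcher's code: it walks a CycloneDX or SPDX JSON SBOM, including nested components, and lists entries attributable to Insyde so they can be reviewed against the vendor advisory. The match string, function names and sample SBOM are assumptions constructed for illustration.

```python
import json

# Assumption: Insyde firmware is identifiable by the vendor string in SBOM fields.
# A bare "h2o" is not used: it collides with the unrelated h2o HTTP server and H2O ML library.
NEEDLE = "insyde"

def _matches(*fields):
    text = " ".join(f for f in fields if isinstance(f, str)).lower()
    return NEEDLE in text

def _walk_cyclonedx(components, path=()):
    """Yield (path, name, version) for matching components, descending into nested ones."""
    for c in components or []:
        name = c.get("name", "")
        here = path + (name,)
        supplier = (c.get("supplier") or {}).get("name", "")
        if _matches(name, supplier, c.get("publisher"), c.get("cpe"),
                    c.get("purl"), c.get("description")):
            yield " > ".join(here), name, c.get("version", "unknown")
        yield from _walk_cyclonedx(c.get("components"), here)

def _walk_spdx(packages):
    for p in packages or []:
        if _matches(p.get("name"), p.get("supplier"), p.get("originator"), p.get("summary")):
            yield p.get("name", ""), p.get("name", ""), p.get("versionInfo", "unknown")

def find_insyde_components(sbom):
    """Return matches from a parsed CycloneDX or SPDX JSON SBOM (a dict)."""
    if sbom.get("bomFormat") == "CycloneDX":
        top = sbom.get("metadata", {}).get("component")
        comps = ([top] if top else []) + sbom.get("components", [])
        return list(_walk_cyclonedx(comps))
    if "spdxVersion" in sbom:
        return list(_walk_spdx(sbom.get("packages")))
    raise ValueError("unrecognised SBOM format")

# Constructed sample: firmware nested under a board, plus an unrelated "h2o" package.
SAMPLE_CDX = {
    "bomFormat": "CycloneDX", "specVersion": "1.5",
    "components": [
        {"type": "application", "name": "h2o", "version": "0.0.0-example"},
        {"type": "device", "name": "gateway-board", "version": "A1", "components": [
            {"type": "firmware", "name": "uefi-bios", "version": "0.0.0-example",
             "supplier": {"name": "Insyde Software"}}]},
    ]}

if __name__ == "__main__":
    for path, name, version in find_insyde_components(SAMPLE_CDX):
        print(f"review against vendor advisory: {path} (version {version})")
```

A match only shows that Insyde firmware is present in the product; whether a given build is fixed has to come from the vendor's advisory, which the post does not quote.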