In a significant security lapse, private cryptographic keys integral to Intel’s Boot Guard technology have been inadvertently included in firmware update packages for Clevo-based devices. This exposure potentially allows attackers to bypass critical security mechanisms, compromising the integrity of affected systems.
Discovery and Initial Findings
The issue came to light in late February 2025 when a user on the Win-Raid forum reported finding Boot Guard Key Manifest (KM) and Boot Policy Manifest (BPM) private keys inside Clevo’s firmware update packages. The keys were embedded in the `BootGuardKey.exe` binary and also shipped as the files `CreateDeleteBIOSKey.keyprivkey.pem` and `CreateDeleteBIOSKey.privkey.pem`. Technical analysis confirmed that these private keys correspond to the public keys (RSA moduli) embedded in the KM and BPM of Clevo firmware images, that is, they are the live signing keys for those platforms. Anyone holding them can sign a modified KM or BPM that passes Boot Guard’s signature checks, which defeats the protection outright.
Scope of the Vulnerability
Further investigation by the Binarly REsearch team revealed the widespread nature of this vulnerability. By integrating the leaked Clevo keys into their Binarly Transparency Platform, they conducted an ecosystem-wide scan and identified 15 firmware images containing these keys, corresponding to 10 unique devices. Notably, all of these firmware images belong to recently released devices, including one for the Gigabyte G6X 9KG that was released in 2025.
Implications of the Exposure
Intel’s Boot Guard protects against firmware-level attacks by verifying the firmware cryptographically before it runs: a hash of the KM public key is burned into platform fuses during manufacturing, the KM signs the hash of the BPM public key, and the BPM signs the measurements of the Initial Boot Block (IBB) that the CPU checks before executing it. The fuses anchor the chain, but everything above them is only as strong as the secrecy of the KM and BPM private keys. With both keys in hand an attacker can sign a BPM that covers arbitrary IBB code, and the platform accepts it because the KM public key, and therefore its fused hash, has not changed. This is particularly concerning for gaming laptops and other high-performance devices built on Clevo hardware.
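The two checks described above, confirming that a leaked PEM private key is the key whose modulus sits in a firmware image’s KM or BPM, and showing that a digest signed with it then verifies against the key taken from the image, as an added example written for this page (it is not Binarly’s tooling, Clevo’s tooling, or code from the original article). It assumes the manifest stores the modulus as raw bytes in either byte order, and it uses textbook RSA over a SHA-256 digest in place of the PKCS#1 v1.5 encoding Boot Guard actually uses; the sample key, PEM blobs and firmware image are constructed here and are not the leaked Clevo material.

```python
import base64
import hashlib
import re

# Added example, not from the article or from any Binarly/Clevo tooling.
# Parses a PEM RSA private key as found in an update package, extracts the
# public modulus, locates it inside a firmware image (as a KM or BPM carries
# its signing key), and shows that a digest signed with the leaked private
# key verifies against the key found in the image. Assumptions: modulus
# stored as raw bytes (either byte order); textbook RSA instead of PKCS#1 v1.5.

PEM_RE = re.compile(
    rb"-----BEGIN (?:RSA )?PRIVATE KEY-----(.*?)-----END (?:RSA )?PRIVATE KEY-----",
    re.S)

def _der_len(n):
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body

def _der_int(v):
    body = v.to_bytes(max(1, (v.bit_length() + 7) // 8), "big")
    if body[0] & 0x80:                 # DER INTEGER is signed: pad to keep it positive
        body = b"\x00" + body
    return b"\x02" + _der_len(len(body)) + body

def _der_seq(*items):
    body = b"".join(items)
    return b"\x30" + _der_len(len(body)) + body

def _der_read(buf, pos):
    """Decode one TLV at pos; return (tag, value, position after it)."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                  # long-form length
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, buf[pos:pos + length], pos + length

def rsa_key_from_pem(pem: bytes):
    """Return (n, e, d) from a PKCS#1 or PKCS#8 RSA private key PEM."""
    m = PEM_RE.search(pem)
    if not m:
        raise ValueError("no PEM private key block found")
    der = base64.b64decode(b"".join(m.group(1).split()))
    while True:
        _, body, _ = _der_read(der, 0)
        fields, pos = [], 0
        while pos < len(body):
            tag, val, pos = _der_read(body, pos)
            fields.append((tag, val))
        if fields[1][0] != 0x30:       # PKCS#1 RSAPrivateKey: version, n, e, d, ...
            return tuple(int.from_bytes(fields[i][1], "big") for i in (1, 2, 3))
        der = next(val for tag, val in fields if tag == 0x04)  # PKCS#8: unwrap OCTET STRING

def modulus_offsets(image: bytes, n: int):
    """Offsets at which the modulus occurs in the image, with its byte order."""
    be = n.to_bytes((n.bit_length() + 7) // 8, "big")
    hits = []
    for order, needle in (("big", be), ("little", be[::-1])):
        start = 0
        while (i := image.find(needle, start)) != -1:
            hits.append((i, order))
            start = i + 1
    return hits

def _digest(data: bytes, n: int) -> int:
    # A real 2048/3072-bit modulus exceeds a SHA-256 digest; the toy key below
    # is only 92 bits, so the digest is reduced mod n to keep the math valid.
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def sign(data: bytes, n: int, d: int) -> int:
    return pow(_digest(data, n), d, n)

def verify(data: bytes, sig: int, n: int, e: int) -> bool:
    return pow(sig, e, n) == _digest(data, n)

# --- constructed sample key and "firmware image" (not a real Clevo key) ---
P, Q, E = (1 << 61) - 1, (1 << 31) - 1, 65537      # two Mersenne primes
N, D = P * Q, pow(65537, -1, (P - 1) * (Q - 1))
_PKCS1 = _der_seq(_der_int(0), _der_int(N), _der_int(E), _der_int(D), _der_int(P),
                  _der_int(Q), _der_int(D % (P - 1)), _der_int(D % (Q - 1)), _der_int(pow(Q, -1, P)))
SAMPLE_PEM = (b"-----BEGIN RSA PRIVATE KEY-----\n" + base64.encodebytes(_PKCS1)
              + b"-----END RSA PRIVATE KEY-----\n")
# PKCS#8 wrapper: version, AlgorithmIdentifier(rsaEncryption, NULL), OCTET STRING(PKCS#1)
SAMPLE_PEM_PKCS8 = (b"-----BEGIN PRIVATE KEY-----\n" + base64.encodebytes(_der_seq(
    _der_int(0), b"\x30\x0d\x06\x09\x2a\x86\x48\x86\xf7\x0d\x01\x01\x01\x05\x00",
    b"\x04" + _der_len(len(_PKCS1)) + _PKCS1)) + b"-----END PRIVATE KEY-----\n")
# Manifest-like blob: filler, the modulus little-endian at offset 64, more filler.
IMAGE = b"\xff" * 64 + N.to_bytes(12, "little") + b"\x00" * 64

def leaked_key_signs_for_image(pem: bytes, image: bytes, payload: bytes) -> bool:
    """True if the PEM's modulus is in the image and its private key signs payload validly."""
    n, e, d = rsa_key_from_pem(pem)
    if not modulus_offsets(image, n):
        return False
    return verify(payload, sign(payload, n, d), n, e)

if __name__ == "__main__":
    print("modulus found at", modulus_offsets(IMAGE, rsa_key_from_pem(SAMPLE_PEM)[0]))
    print("attacker-signed IBB accepted:", leaked_key_signs_for_image(SAMPLE_PEM, IMAGE, b"modified IBB"))
```

On a real image the same search is run against the KM and BPM regions with the modulus pulled from the leaked PEM; a hit means the key is live for that platform, and the final check is what an attacker’s re-signed manifest would pass.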
Industry Response and Recommendations
Binarly reported their findings to CERT/CC on February 28, 2025, under advisory BRLY-2025-002. However, the case was closed a few days later without much explanation. This incident underscores the ongoing challenges in firmware supply chain security, especially as the UEFI ecosystem becomes increasingly complex.
Security experts recommend that affected manufacturers ship firmware built with newly generated keys. That is not a simple key rotation: the hash of the KM public key is programmed into one-time-programmable fuses at manufacturing, so moving already shipped units to a new KM key requires coordination with Intel and the affected system vendors and may not be possible at all. Users of affected devices should apply any security updates their manufacturer provides promptly, but on some units the underlying weakness will persist until the hardware is replaced.