{"uuid": "0fff37c0-c74f-4900-abc7-0b8e1b00db72", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10797", "type": "seen", "source": "https://infosec.exchange/users/ESETresearch/statuses/116917582564392811", "content": "#ESETresearch discovered and reported to @certcc 11 old Microsoft-signed UEFI shim bootloaders that allow bypassing UEFI Secure Boot on most UEFI systems. Read about it at https://www.welivesecurity.com/en/eset-research/forgotten-uefi-shims-undermining-secure-boot/ Tracked by #CVE-2026-8863 and #CVE-2026-10797, all these vulnerable shims were revoked in Microsoft\u2019s June Patch Tuesday updates.  \nhttps://www.cve.org/CVERecord?id=CVE-2026-8863 \nhttps://www.cve.org/CVERecord?id=CVE-2026-10797Exploiting these vulnerable shims allows execution of untrusted code at system boot by using the Bring Your Own Vulnerable Driver (#BYOVD) technique, enabling deployment of malicious UEFI bootkits on systems that trust the Microsoft Corporation UEFI CA 2011 certificate. What makes these old shims dangerous is not a novel vulnerability, it\u2019s that no new vulnerability is needed to bypass Secure Boot. Just an old, still-trusted, unrevoked shim and basic knowledge of how UEFI works is enough to bypass UEFI Secure Boot and deploy a UEFI bootkit. For more details and instructions on how to verify that the dbx patches were properly applied on your system, read our blogpost:https://www.welivesecurity.com/en/eset-research/forgotten-uefi-shims-undermining-secure-boot/", "creation_timestamp": "2026-07-14T09:19:03.143941Z"}