Secure Boot Bypass Risk on Framework Linux Systems
Summary
Hide ▲
Show ▼
Nearly 200,000 Linux systems from Framework were shipped with signed UEFI shell components that can be exploited to bypass Secure Boot protections. The vulnerability stems from the inclusion of a 'memory modify' (mm) command in the UEFI shells, which can be used to disable signature verification and load bootkits. The affected systems include various Framework laptop and desktop models, and the issue is being addressed through firmware updates. Users are advised to apply available patches and implement temporary mitigations where updates are not yet available.
Timeline
-
14.10.2025 16:22 1 articles · 7h ago
Secure Boot bypass risk identified on Framework Linux systems
Framework Linux systems were shipped with signed UEFI shells containing a 'memory modify' (mm) command that can be exploited to bypass Secure Boot protections. The vulnerability affects nearly 200,000 systems and is being addressed through firmware updates. Users are advised to apply available patches and implement temporary mitigations.
Show sources
- Secure Boot bypass risk on nearly 200,000 Linux Framework sytems — www.bleepingcomputer.com — 14.10.2025 16:22
Information Snippets
-
Framework shipped around 200,000 Linux systems with signed UEFI shells containing a 'memory modify' (mm) command.
First reported: 14.10.2025 16:221 source, 1 articleShow sources
- Secure Boot bypass risk on nearly 200,000 Linux Framework sytems — www.bleepingcomputer.com — 14.10.2025 16:22
-
The mm command provides direct read/write access to system memory, allowing attackers to disable Secure Boot signature verification.
First reported: 14.10.2025 16:221 source, 1 articleShow sources
- Secure Boot bypass risk on nearly 200,000 Linux Framework sytems — www.bleepingcomputer.com — 14.10.2025 16:22
-
The vulnerability can be exploited to load bootkits such as BlackLotus, HybridPetya, and Bootkitty.
First reported: 14.10.2025 16:221 source, 1 articleShow sources
- Secure Boot bypass risk on nearly 200,000 Linux Framework sytems — www.bleepingcomputer.com — 14.10.2025 16:22
-
The issue affects multiple Framework laptop and desktop models, including various Intel and AMD configurations.
First reported: 14.10.2025 16:221 source, 1 articleShow sources
- Secure Boot bypass risk on nearly 200,000 Linux Framework sytems — www.bleepingcomputer.com — 14.10.2025 16:22
-
Framework is working on remediating the vulnerabilities through firmware updates.
First reported: 14.10.2025 16:221 source, 1 articleShow sources
- Secure Boot bypass risk on nearly 200,000 Linux Framework sytems — www.bleepingcomputer.com — 14.10.2025 16:22
-
Users are advised to apply available security updates and implement temporary mitigations where patches are not yet available.
First reported: 14.10.2025 16:221 source, 1 articleShow sources
- Secure Boot bypass risk on nearly 200,000 Linux Framework sytems — www.bleepingcomputer.com — 14.10.2025 16:22