The Untold Story of the BlackLotus UEFI Bootkit
This story also has a supply chain twist. A critical aspect of the BlackLotus story lies in supply chain problems relating to modern operating systems, their bootloaders, and UEFI firmware. In order to bypass Secure Boot at scale, BlackLotus exploits CVE-2022-21894, a vulnerability patched by Microsoft in January 2022. A proof-of-concept exploit was released in August 2022, seven months after Microsoft’s public disclosure.