Binarly disclosed six critical vulnerabilities in U-Boot's FIT signature verification logic that can be triggered by a malicious FIT image before signature checks complete, breaking the intended Verified Boot trust model. The flaws affect code paths present since U-Boot v2013.07, potentially spanning more than 50 stable releases and numerous vendor forks used in embedded devices, routers, IoT products, and server BMCs; two of the issues may allow arbitrary code execution during boot, while the others can cause denial of service.
Researchers warned that exploitation may not require physical access if devices accept firmware through insecure remote update paths such as exposed BMC interfaces, raising the risk of device bricking or persistent firmware implants below the operating system. U-Boot maintainers handled the issues through coordinated disclosure and merged fixes into the mainline repository, and downstream users were urged to update or backport patches because the long-lived, widely reused bootloader code creates broad supply-chain exposure.

Mallory correlates global threat intelligence with your attack surface — know if you’re exposed before adversaries strike.
5 events from the most recent confirmed update back to the earliest known activity.
Binarly Research publicly disclosed six critical vulnerabilities in U-Boot’s FIT signature verification logic, warning they affect code paths present since U-Boot v2013.07 and many vendor forks. The disclosure highlighted pre-verification attack paths that could enable denial of service and potentially arbitrary code execution, including via insecure remote firmware update channels such as BMC interfaces.
U-Boot maintainers received a coordinated disclosure from Binarly Research and merged patches for six vulnerabilities in FIT signature verification logic into the mainline repository. The flaws can cause denial of service and, in some cases, arbitrary code execution during boot.
Although upstream fixes for the six FIT signature verification vulnerabilities were merged in June, the U-Boot v2026.07 release was published without them. As a result, vendors must manually pull the upstream patches until a later stable release includes the fixes.
Binarly published individual advisories with proof-of-concept FIT images and reproduction steps for the six U-Boot FIT verification vulnerabilities. The release provided concrete technical details to demonstrate and reproduce the issues affecting U-Boot versions since v2013.07.
A coordinated vulnerability disclosure covering multiple U-Boot vulnerabilities was published to the U-Boot mailing list. This marks the public disclosure point referenced for the affected FIT signature verification issues.
Vulnerabilities, threat actors, malware, products, organizations, and breaches Mallory has linked to this story.
8 references tracked. Mallory keeps watching after this page renders.
securityaffairs.com
Open sourcecysecurity.news
Open sourcethehackernews.com
Open sourcecyberaccord.com
Open sourcecybersecuritynews.com
Open sourcebleepingcomputer.com
Open sourcebinarly.io
Open sourcelists.denx.de
Open sourceMap indicators from this story to your assets and identify affected systems in minutes.
Every observed campaign, victim, and pivot linked to actors named in this story.
Malware, exploits, and IOCs connected to the activity described here.
YARA, Sigma, and Snort rules deployed to your SIEM as soon as they’re published.
Get matching new stories delivered to your team as they break — not the next morning.
Ask questions about this story and take action on the answers.