Some signed third-party bootloaders for the Unified Extensible Firmware Interface (UEFI) could allow attackers to execute unauthorized code in an early stage of the boot process, before the operating system loads.

Vendor-specific bootloaders used by Windows were found to be vulnerable while the status of almost a dozen others is currently unknown.

Threat actors could exploit the security issue to establish persistence on a target system that cannot be removed by reinstalling the operating system (OS).