VYPR
High severity · 7.6 · NVD Advisory · Published Oct 14, 2025 · Updated Apr 15, 2026

CVE-2025-11577

Description

Clevo’s UEFI firmware update packages, including B10717.exe, inadvertently contained private signing keys used for Boot Guard and Boot Policy Manifest verification. The exposure of these keys could allow attackers to sign malicious firmware that appears trusted by affected systems, undermining the integrity of the early boot process.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Clevo firmware update executables inadvertently leaked private Boot Guard signing keys, enabling attackers to sign and deploy malicious firmware on multiple laptop brands.

Root Cause

Clevo's UEFI firmware update packages (e.g., B10717.exe) distributed publicly contained the private RSA keys used for Intel Boot Guard's Key Manifest and Boot Policy Manifest verification [1]. This accidental exposure undermines the hardware root of trust designed to ensure only authentic firmware executes during the early boot process [2].

Exploitation

An attacker with write access to system flash storage—achieved through physical possession, malware with kernel privileges, or a compromised firmware update mechanism—can use the leaked private keys to sign a malicious firmware image [1][2]. Because the keys are trusted by the Boot Guard implementation on affected devices, the modified firmware would pass cryptographic verification and execute as if it were legitimate [2]. No additional authentication is needed once write access is obtained [1].

Impact

Successful exploitation allows persistent, stealthy control over the target system. The attacker can install arbitrary UEFI firmware that survives OS reinstalls and conventional security scans, because Boot Guard operates before the operating system loads [2]. The compromise extends to any device using Clevo as an ODM/OEM, including models from Gigabyte and XPG, with supply chain implications for multiple brands [1][2].

Mitigation

Binarly and CERT/CC have identified dozens of affected firmware versions (e.g., XPG Xenia 15G, several Gigabyte G5 series) and confirmed that not all have received patched updates [1]. Clevo has reportedly removed the affected software from public distribution, but no official firmware updates addressing the leaked keys have been announced for many impacted systems [2]. Organizations should check the advisory for specific vulnerable models and apply any available vendor updates; otherwise, devices remain at risk.

AI Insight generated on May 19, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products: 1

Patches: 0 (no patches discovered yet)

Vulnerability mechanics: AI mechanics synthesis has not run for this CVE yet.

References: 2

News mentions: 0 (no linked articles in our index yet)