#bootloader

Six Critical U-Boot FIT Signature Verification Vulnerabilities Discovered

bleepingcomputer.com · ⭐️ 9/10 · 2026-07-11

9/10

Binarly disclosed six vulnerabilities in U-Boot's FIT signature verification code, two enabling arbitrary code execution and four causing denial of service. The flaws affect over 50 stable versions dating back to 2013.07 and numerous downstream branches. Attackers can execute malicious code before the operating system boots, bypassing all security measures and potentially installing persistent firmware malware. For systems with remote firmware update capabilities like BMCs, exploitation requires no physical access, posing a severe threat to embedded and server ecosystems. The vulnerabilities reside in how untrusted FIT images are processed before signature validation completes. Remote exploitation is possible via malicious firmware updates, and while patches have been accepted into U-Boot, each hardware vendor must integrate and distribute them—legacy devices may never receive fixes.