secure-boot-disabled: Secure Boot Not Enabled

日期: 2025-08-01 | 影响软件: secure boot disabled | POC: 已公开

漏洞描述

Verifies if Secure Boot is disabled, increasing the risk of rootkit infections.

PoC代码[已公开]

id: secure-boot-disabled

info:
  name: Secure Boot Not Enabled
  author: princechaddha
  severity: high
  description: Verifies if Secure Boot is disabled, increasing the risk of rootkit infections.
  impact: |
    Secure Boot prevents unauthorized bootloaders and operating systems from running, protecting against rootkits.
  remediation: |
    Enable Secure Boot in the BIOS to prevent rootkit infections.
  tags: secure-boot,uefi,code,windows-audit

self-contained: true

code:
  - pre-condition: |
      IsWindows();
    engine:
      - powershell
      - powershell.exe
    args:
      - -ExecutionPolicy
      - Bypass
    pattern: "*.ps1"
    source: |
      Confirm-SecureBootUEFI

    matchers:
      - type: word
        words:
          - "False"
# digest: 4b0a004830460221008579d5eefd737dd9a45048fa89644b4c0460e9e4f24d5e95d7d58424b83ef8970221008d56af855afdf06388235c5f4dbc319c084e3dd591bbe565fafe67912739cbf3:922c64590222798bb761d5b6d8e72950
来源: https://github.com/projectdiscovery/nuclei-templates/blob/main/./code/windows/audit/secure-boot-disabled.yaml

相关漏洞推荐