07-10-2023, 03:17 PM
(This post was last modified: 07-20-2023, 02:35 PM by mammoth.)
BlackLotus is a recently publicized malware product garnering significant attention within tech media. Similar to 2020’s BootHole (CVE-2020-10713), BlackLotus takes advantage of a boot loader flaw—specifically CVE-2022-21894 Secure Boot bypass known as “Baton Drop”—to take control of an endpoint from the earliest phase of software boot.