< BACK TO NEWS
importantSYS.SOURCE: The Hacker News2026-07-10T21:27:14+05:30

Six Critical U-Boot Vulnerabilities Allow Code Execution and Device Crashes During Boot

#Firmware Security#Bootloader Vulnerabilities#Code Execution

Researchers at Binarly identified six vulnerabilities in U-Boot, a bootloader used in embedded systems, that could enable malicious code execution or device crashes during the boot process. Two of the flaws allow arbitrary code execution before OS verification, compromising the chain of trust, while the others cause denial-of-service attacks.

Researchers at firmware security firm Binarly have found six new flaws in U-Boot, the small program that starts up hardware as varied as home routers, smart cameras, and the management chips inside data-center servers.

Four of the bugs can crash a device. The other two could let an attacker who slips a malicious image in front of the bootloader run their own code, before the device

Read original article

*** END OF TRANSMISSION ***