← All drivers
Field Guide · Family

BlackLotus (UEFI bootkit)

BlackLotus is the first publicly documented UEFI bootkit capable of bypassing Secure Boot on fully patched Windows 11 systems. Analyzed by ESET in March 2023, it exploits CVE-2022-21894 to load before the operating system and disable core security mechanisms.

2
Drivers
0
Vulnerable
2
Malicious
2
With Field Notes

Family grouping is Vera's. Status data comes from the public LOLDrivers project.