Binarly to Unveil “Broken Trust” Research: Firmware Bypass Chains, BMC Persistence, and EDR Evasion

SANTA MONICA, Calif.--(BUSINESS WIRE)--Binarly, the industry leader in software and firmware supply-chain security, today announced an upcoming DistrictCon presentation “Broken Trust: Firmware Bypass Chains, BMC Persistence, and EDR Evasion.” The session will detail how firmware-level attack chains observed in shipped enterprise devices can effectively undermine modern endpoint defenses, enabling stealthy compromise and long-lived persistence.

At DistrictCon, Binarly will reveal firmware bypass chains that can blind EDR and disclose two new Supermicro BMC vulnerabilities (CVE-2025-12006, CVE-2025-12007) with implications for enterprise and AI infrastructure security.

Share

In this presentation, the Binarly REsearch team will dismantle the assumption of hardware trust by presenting multiple real-world firmware bypass chains. Alex Matrosov and Fabio Pagani will provide a deep dive into the specific vulnerability classes and exploitation primitives that make these attacks reliable in practice. The team will also deliver a live demonstration compromising a fully patched system, illustrating how Endpoint Detection and Response (EDR) solutions can be blinded long before kernel drivers are even initialized.

The DistrictCon research will detail CVE-2025-12006 and CVE-2025-12007, two new high-impact Supermicro BMC vulnerabilities that enable attackers to install malicious firmware images and maintain persistent, difficult-to-remove implants inside server infrastructure. Binarly will outline the underlying technical root causes and discuss mitigation implications for platform vendors, enterprise defenders, and incident response teams.

Crucially, the research highlights the growing security debt in the rapidly expanding AI infrastructure sector. As organizations race to deploy high-density compute clusters to power generative AI, the reliance on bare-metal performance often outpaces hardware security verification. Binarly’s findings demonstrate how firmware-level persistence can survive standard server re-provisioning, potentially allowing attackers to breach tenant boundaries to access proprietary data and models.

“Firmware is the layer where trust is assumed, not continuously verified, and attackers take full advantage of that,” said Alex Matrosov, CEO and Head of Research at Binarly. “In Broken Trust, we’ll show how bypass chains we found in shipped firmware, including CVE-2025-12006 and CVE-2025-12007, make the case for supply-chain scale monitoring. Because in the real world, a small mistake in validation logic doesn’t stay small, it turns into persistence, and enterprise-wide risk.”

Binarly’s ongoing mission is to provide actionable intelligence and scalable transparency into software and firmware supply chains by helping organizations detect weaknesses early and reduce systemic risk across global device and software vendor ecosystems.

About Binarly

Binarly is a U.S.-based firmware and software supply chain security company founded in 2021. The flagship Binarly Transparency Platform helps device manufacturers, OEMs and enterprise product security teams to detect vulnerabilities, misconfigurations, secrets, and malicious code in devices and software supply chains. Leveraging decades of research and program analysis expertise, we secure businesses, critical infrastructure, and consumers, while also assisting organizations in transitioning to a post-quantum cryptography (PQC) environment. Visit https://binarly.io for more information.