A vulnerability in the digital signature verification process does not properly validate variable attributes which allows an attacker to bypass signature verification by creating a non-authenticated NVRAM variable. An attacker may to execute arbitrary signed UEFI code and bypass Secure Boot.

Running the provided utility changes the certificate on any Insyde BIOS and then the attached .efi file can be launched.