uefivar_fuzz module

The module is fuzzing UEFI Variable interface.

The module is using UEFI SetVariable interface to write new UEFI variables to SPI flash NVRAM with randomized name/attributes/GUID/data/size.


chipsec_main -m tools.uefi.uefivar_fuzz [-a <options>]


[-a <test>,<iterations>,<seed>,<test_case>]

  • test : UEFI variable interface to fuzz (all, name, guid, attrib, data, size)

  • iterations : Number of tests to perform (default = 1000)

  • seed : RNG seed to use

  • test_case : Test case # to skip to (combined with seed, can be used to skip to failing test)

All module arguments are optional

>>> chipsec_main.py -m tools.uefi.uefivar_fuzz
>>> chipsec_main.py -m tools.uefi.uefivar_fuzz -a all,100000
>>> chipsec_main.py -m tools.uefi.uefivar_fuzz -a data,1000,123456789
>>> chipsec_main.py -m tools.uefi.uefivar_fuzz -a name,1,123456789,94


  • This module returns a WARNING by default to indicate that a manual review is needed.

  • Writes may generate ‘ERROR’s, this can be expected behavior if the environment rejects them.


  • This module modifies contents of non-volatile SPI flash memory (UEFI Variable NVRAM).

  • This may render system UNBOOTABLE if firmware doesn’t properly handle variable update/delete operations.


  • Evaluate the platform for expected behavior to determine PASS/FAIL.

  • Behavior can include platform stability and retaining protections.