Lock Bootloader
On devices that provide the capability to unlock the bootloader (hence allowing any operating system code to be flashed onto the device), perform periodic checks to ensure that the bootloader is locked.
ID: M1003
Version: 1.0
Created: 25 October 2017
Last Modified: 25 April 2025
Techniques Addressed by Mitigation
| Domain | ID | Name | Use | |
|---|---|---|---|---|
| Mobile | T1398 | Boot or Logon Initialization Scripts |
A locked bootloader could prevent unauthorized modifications to protected operating system files. |
|
| Mobile | T1645 | Compromise Client Software Binary |
A locked bootloader could prevent unauthorized modifications of protected operating system files. |
|
| Mobile | T1458 | Replication Through Removable Media |
Users should ensure bootloaders are locked to prevent arbitrary operating system code from being flashed onto the device. |
|