Approximately nine percent of tested firmware images use non-production cryptographic keys that are publicly known, making Secure Boot devices vulnerable to UEFI bootkit malware attacks.