EFI # FileVault vulnerabilities


We have set an EFI password on our Mac laptops using a Jamf policy. Many of our users are randomly locked out.

The issue mainly happens when the battery is drained and the laptop falls into sleep mode for 5 hours. Once the AC adapter is replugged, the Mac might try to boot into target disk mode, and then the EFI lock is shown.

  1. What's the solution/recommendation here?
  2. Is there another way to lock access to Recovery Mode?
  3. If I disable EFI and just rely on FileVault to protect HDD data, is there any known vulnerability that can be used to break the disk encryption?

OS 11.6 & 12, Intel-equipped MacBooks.