We are working on Excite project that uses open-source symbolic execution platform S2E and Intel virtual platform Simics to search for BIOS security vulnerabilities including a most known class of vulnerabilities like memory references (call outs) by SMM interrupt handlers in UEFI-compliant implementations of BIOS. All tools and approaches in this talk discussed on real examples of vulnerabilities found with. We want to discuss limitations and problems which we facing with symbolic execution approach for BIOS security validation. The Excite tool currently applies only to interrupt handlers for SMM variables. Given a snapshot of SMRAM, the base address of SMRAM, and the address of the variable interrupt handler in SMRAM, the tool uses S2E to run the KLEE symbolic execution engine to search for concrete examples of a call to the interrupt handler that causes the handler to read memory outside of SMRAM. This is a work in progress. Also we discuss the mixed approach of symbolic execution with fuzzing flavor to improve vulnerability digging capability.