diff --git a/components/bootloader_support/src/secure_boot.c b/components/bootloader_support/src/secure_boot.c
index 0b5bab46fc..5e9b8832fc 100644
--- a/components/bootloader_support/src/secure_boot.c
+++ b/components/bootloader_support/src/secure_boot.c
@@ -363,7 +363,11 @@ bool esp_secure_boot_cfg_verify_release_mode(void)
 }
 #endif
 ++num_keys;
+#if SOC_EFUSE_CONSISTS_OF_ONE_KEY_BLOCK
+ secure = !esp_efuse_read_field_bit(ESP_EFUSE_RD_DIS_KEY0_HI);
+#else
 secure = !esp_efuse_get_key_dis_read(block);
+#endif // !SOC_EFUSE_CONSISTS_OF_ONE_KEY_BLOCK
 result &= secure;
 if (!secure) {
 ESP_LOGE(TAG, "Secure boot key in BLOCK%d must NOT be read-protected (can not be used)", block);
diff --git a/examples/system/efuse/pytest_system_efuse_example.py b/examples/system/efuse/pytest_system_efuse_example.py
index 327355e95c..7ee1a3e06e 100644
--- a/examples/system/efuse/pytest_system_efuse_example.py
+++ b/examples/system/efuse/pytest_system_efuse_example.py
@@ -355,6 +355,7 @@ def test_examples_efuse_with_virt_secure_boot_v1_pre_loaded(dut: Dut) -> None:
 dut.expect('example: Done')
+@pytest.mark.generic
 @pytest.mark.esp32
 @pytest.mark.parametrize('config', [('virt_secure_boot_v2.esp32'),], indirect=True)
 @pytest.mark.parametrize('skip_autoflash', ['y'], indirect=True)
@@ -470,15 +471,16 @@ def test_examples_efuse_with_virt_secure_boot_v2(dut: Dut) -> None:
 dut.expect('example: Done')
+@pytest.mark.generic
 @pytest.mark.esp32
 @pytest.mark.parametrize('config', [('virt_secure_boot_v2.esp32'),], indirect=True)
 @pytest.mark.parametrize('skip_autoflash', ['y'], indirect=True)
 def test_examples_efuse_with_virt_secure_boot_v2_pre_loaded(dut: Dut) -> None:
 print(' - Erase flash')
- dut.erase_flash()
+ dut.serial.erase_flash()
 print(' - Flash bootloader and app')
- dut.bootloader_flash()
+ dut.serial.bootloader_flash()
 print(' - Start app (flash partition_table and app)')
 dut.serial.flash()
 dut.expect('Loading virtual efuse blocks from real efuses')
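Review bot: The new `SOC_EFUSE_CONSISTS_OF_ONE_KEY_BLOCK` branch in esp_secure_boot_cfg_verify_release_mode() reads only `ESP_EFUSE_RD_DIS_KEY0_HI` and has no comment saying why the other half of the block is left out of the check. Presumably the secure boot digest occupies only the upper half of the single key block on these chips, while the lower half may hold a flash-encryption key that is legitimately read-protected; if so, state it above the `#if`, e.g. `/* Single key block: the secure boot digest is in the upper half, so only RD_DIS_KEY0_HI must be clear */`. The error logged just below still reports `BLOCK%d`, which on these targets does not tell the operator which read-protection bit failed the release-mode check; naming the half in that message would make the failure easier to act on. The function body starts and ends outside the hunk.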
@@ -778,6 +780,7 @@ def test_examples_efuse_with_virt_sb_v1_and_fe(dut: Dut) -> None:
 dut.expect('example: Done')
+@pytest.mark.generic
 @pytest.mark.esp32
 @pytest.mark.parametrize('config', ['virt_sb_v2_and_fe.esp32',], indirect=True)
 @pytest.mark.parametrize('skip_autoflash', ['y'], indirect=True)
@@ -818,7 +821,7 @@ def test_examples_efuse_with_virt_sb_v2_and_fe(dut: Dut) -> None:
 dut.expect('secure_boot_v2: blowing secure boot efuse...')
 dut.expect('Disable JTAG...')
 dut.expect('Disable ROM BASIC interpreter fallback...')
- dut.expect('UART ROM Download mode kept enabled - SECURITY COMPROMISED')
+ dut.expect('Disable ROM Download mode...')
 dut.expect('secure_boot_v2: Secure boot permanently enabled')
 dut.expect('Checking flash encryption...')
@@ -900,7 +903,7 @@ def test_examples_efuse_with_virt_sb_v2_and_fe_esp32xx(dut: Dut) -> None:
 dut.expect_exact('secure_boot_v2: Revoking empty key digest slot (1)...')
 dut.expect_exact('secure_boot_v2: Revoking empty key digest slot (2)...')
 dut.expect('secure_boot_v2: blowing secure boot efuse...')
- dut.expect('UART ROM Download mode kept enabled - SECURITY COMPROMISED')
+ dut.expect('Enabling Security download mode...')
 dut.expect('Disable hardware & software JTAG...')
 if dut.app.target != 'esp32c2':
@@ -948,6 +951,7 @@ def test_examples_efuse_with_virt_sb_v2_and_fe_esp32xx(dut: Dut) -> None:
 dut.expect('example: Done')
+@pytest.mark.generic
 @pytest.mark.esp32c3
 @pytest.mark.parametrize('config', ['virt_sb_v2_and_fe.esp32c3'], indirect=True)
 @pytest.mark.parametrize('skip_autoflash', ['y'], indirect=True)
@@ -955,6 +959,7 @@ def test_examples_efuse_with_virt_sb_v2_and_fe_esp32c3(dut: Dut) -> None:
 test_examples_efuse_with_virt_sb_v2_and_fe_esp32xx(dut)
+@pytest.mark.generic
 @pytest.mark.esp32c2
 @pytest.mark.parametrize('config', ['virt_sb_v2_and_fe.esp32c2'], indirect=True)
 @pytest.mark.parametrize('skip_autoflash', ['y'], indirect=True)
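Review bot: The replacement assertion `dut.expect('Disable ROM Download mode...')` in test_examples_efuse_with_virt_sb_v2_and_fe goes through `expect`, which treats a string as a regular expression, so the trailing dots match any three characters instead of the literal log text. The context lines of the esp32xx hunk already use `expect_exact` for messages ending in `...`, and the same would suit both new lines: `dut.expect_exact('Disable ROM Download mode...')` and `dut.expect_exact('Enabling Security download mode...')`. These two lines are what pin the download-mode hardening now that the old `SECURITY COMPROMISED` expectation is gone, so a literal match keeps the check tied to the exact bootloader message. Both test functions continue outside their hunks.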
@@ -962,6 +967,7 @@ def test_examples_efuse_with_virt_sb_v2_and_fe_esp32c2(dut: Dut) -> None:
 test_examples_efuse_with_virt_sb_v2_and_fe_esp32xx(dut)
+@pytest.mark.generic
 @pytest.mark.esp32s2
 @pytest.mark.parametrize('config', ['virt_sb_v2_and_fe.esp32s2'], indirect=True)
 @pytest.mark.parametrize('skip_autoflash', ['y'], indirect=True)
diff --git a/examples/system/efuse/sdkconfig.ci.virt_sb_v2_and_fe.esp32 b/examples/system/efuse/sdkconfig.ci.virt_sb_v2_and_fe.esp32
index 4abf5fcc95..271310afca 100644
--- a/examples/system/efuse/sdkconfig.ci.virt_sb_v2_and_fe.esp32
+++ b/examples/system/efuse/sdkconfig.ci.virt_sb_v2_and_fe.esp32
@@ -13,6 +13,7 @@ CONFIG_PARTITION_TABLE_CUSTOM_FILENAME="test/partitions_efuse_emul.csv"
 CONFIG_SECURE_BOOT=y
 CONFIG_SECURE_BOOT_V2_ENABLED=y
 CONFIG_SECURE_BOOT_SIGNING_KEY="test/secure_boot_signing_key.pem"
+CONFIG_SECURE_DISABLE_ROM_DL_MODE=y
 CONFIG_SECURE_FLASH_ENC_ENABLED=y
diff --git a/examples/system/efuse/sdkconfig.ci.virt_sb_v2_and_fe.esp32c2 b/examples/system/efuse/sdkconfig.ci.virt_sb_v2_and_fe.esp32c2
index 2be2ad7ea4..2232a13055 100644
--- a/examples/system/efuse/sdkconfig.ci.virt_sb_v2_and_fe.esp32c2
+++ b/examples/system/efuse/sdkconfig.ci.virt_sb_v2_and_fe.esp32c2
@@ -9,6 +9,7 @@ CONFIG_PARTITION_TABLE_CUSTOM_FILENAME="test/partitions_efuse_emul.csv"
 CONFIG_SECURE_BOOT=y
 CONFIG_SECURE_BOOT_V2_ENABLED=y
 CONFIG_SECURE_BOOT_SIGNING_KEY="test/secure_boot_signing_key_ecdsa_nistp256.pem"
+CONFIG_SECURE_ENABLE_SECURE_ROM_DL_MODE=y
 CONFIG_SECURE_FLASH_ENC_ENABLED=y
diff --git a/examples/system/efuse/sdkconfig.ci.virt_sb_v2_and_fe.esp32c3 b/examples/system/efuse/sdkconfig.ci.virt_sb_v2_and_fe.esp32c3
index 04c2764dfd..9ba5277387 100644
--- a/examples/system/efuse/sdkconfig.ci.virt_sb_v2_and_fe.esp32c3
+++ b/examples/system/efuse/sdkconfig.ci.virt_sb_v2_and_fe.esp32c3
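Review bot: `CONFIG_SECURE_DISABLE_ROM_DL_MODE=y` is added to the esp32 config without a comment, and the esp32c2, esp32c3 and esp32s2 configs gain `CONFIG_SECURE_ENABLE_SECURE_ROM_DL_MODE=y` the same way, so nothing in these files says that the expected boot log in pytest_system_efuse_example.py now depends on the line. A one-line comment above it would keep the two in step, e.g. `# ROM download mode hardened; the pytest for this config expects the matching bootloader log line`. Judging by the test's expected output, these options lead to eFuse writes, which are irreversible on real hardware, and the `virt_` file names suggest the configs rely on virtual eFuses; stating that in the comment helps anyone who copies one of these files as a starting point.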
@@ -13,6 +13,7 @@ CONFIG_PARTITION_TABLE_CUSTOM_FILENAME="test/partitions_efuse_emul.csv"
 CONFIG_SECURE_BOOT=y
 CONFIG_SECURE_BOOT_V2_ENABLED=y
 CONFIG_SECURE_BOOT_SIGNING_KEY="test/secure_boot_signing_key.pem"
+CONFIG_SECURE_ENABLE_SECURE_ROM_DL_MODE=y
 CONFIG_SECURE_FLASH_ENC_ENABLED=y
diff --git a/examples/system/efuse/sdkconfig.ci.virt_sb_v2_and_fe.esp32s2 b/examples/system/efuse/sdkconfig.ci.virt_sb_v2_and_fe.esp32s2
index 1ba66bfa5a..14cf4f2d95 100644
--- a/examples/system/efuse/sdkconfig.ci.virt_sb_v2_and_fe.esp32s2
+++ b/examples/system/efuse/sdkconfig.ci.virt_sb_v2_and_fe.esp32s2
@@ -9,6 +9,7 @@ CONFIG_PARTITION_TABLE_CUSTOM_FILENAME="test/partitions_efuse_emul.csv"
 CONFIG_SECURE_BOOT=y
 CONFIG_SECURE_BOOT_V2_ENABLED=y
 CONFIG_SECURE_BOOT_SIGNING_KEY="test/secure_boot_signing_key.pem"
+CONFIG_SECURE_ENABLE_SECURE_ROM_DL_MODE=y
 CONFIG_SECURE_FLASH_ENC_ENABLED=y