diff --git a/CHANGELOG.md b/CHANGELOG.md
index 722f7d9b3..d619decb3 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -11,6 +11,7 @@
     - Allows for unrestricted SMBIOS usage with `AppleIntelSNBGraphicsFB`
   - Adds OpenCL downgrade for TeraScale 2
     - Resolves VNC support (credit IronApple#2711)
+  - Fix SecureBootModel detection
 - Add `OpenCore-Legacy-Patcher.plist` for applied patch info
   - Located under `/System/Library/CoreServices`
   - Lists patch sets applied including files installed and removed
diff --git a/resources/sys_patch_detect.py b/resources/sys_patch_detect.py
index 9dfb97c09..146bf583a 100644
--- a/resources/sys_patch_detect.py
+++ b/resources/sys_patch_detect.py
@@ -174,7 +174,7 @@ class detect_root_patch:
             "Settings: Requires AMFI exemption": self.amfi_must_disable,
             "Validation: Patching Possible": self.verify_patch_allowed(),
             "Validation: SIP is enabled": self.sip_enabled,
-            "Validation: SBM is enabled": self.sbm_enabled,
+            "Validation: SecureBootModel is enabled": self.sbm_enabled,
             "Validation: AMFI is enabled": self.amfi_enabled if self.amfi_must_disable else False,
             "Validation: FileVault is enabled": self.fv_enabled,
             "Validation: System is dosdude1 patched": self.dosdude_patched,
diff --git a/resources/utilities.py b/resources/utilities.py
index a126592d3..2c49a057a 100644
--- a/resources/utilities.py
+++ b/resources/utilities.py
@@ -223,8 +223,13 @@ def patching_status(os_sip, os):
         # Catalina and older supports individually disabling Library Validation
         amfi_enabled = False
 
-    if get_nvram("HardwareModel", "94B73556-2197-4702-82A8-3E1337DAFBFB", decode=False):
-        if get_nvram("HardwareModel", "94B73556-2197-4702-82A8-3E1337DAFBFB", decode=False) not in constants.Constants().sbm_values:
+    sbm_byte = get_nvram("HardwareModel", "94B73556-2197-4702-82A8-3E1337DAFBFB", decode=False)
+    if sbm_byte:
+        # SecureBootModel has a ton of null bytes, so strip them out
+        sbm_string = sbm_byte.decode("utf-8")
+        if sbm_string in constants.Constants().sbm_values:
+            sbm_enabled = True
+        else:
             sbm_enabled = False
     else:
         sbm_enabled = False