Systems and methods for firmware validation for encrypted virtual machines are disclosed. An example method may include initiating a boot process to launch a virtual machine on a host machine. The virtual machine can be associate with a first firmware. The method may further include authenticating the virtual machine with an external server using the first firmware. The method may further include receiving secret data associated with the virtual machine from the external server. The secret data may be encrypted with an encryption key. The method may further include, responsive to authenticating a second firmware using the first firmware, completing the boot process to launch the virtual machine using the secret data.