diff --git a/libfwupdplugin/fu-ihex-firmware.c b/libfwupdplugin/fu-ihex-firmware.c
index 743b7c8df..9e4e7d2f0 100644
--- a/libfwupdplugin/fu-ihex-firmware.c
+++ b/libfwupdplugin/fu-ihex-firmware.c
@@ -196,6 +196,7 @@ fu_ihex_firmware_parse (FuFirmware *firmware,
 {
 	FuIhexFirmware *self = FU_IHEX_FIRMWARE (firmware);
 	gboolean got_eof = FALSE;
+	gboolean got_sig = FALSE;
 	guint32 abs_addr = 0x0;
 	guint32 addr_last = 0x0;
 	guint32 img_addr = G_MAXUINT32;
@@ -309,12 +310,21 @@ fu_ihex_firmware_parse (FuFirmware *firmware,
 			g_debug ("  seg_addr:\t0x%02x on line %u", seg_addr, rcd->ln);
 			break;
 		case FU_IHEX_FIRMWARE_RECORD_TYPE_SIGNATURE:
+			if (got_sig) {
+				g_set_error_literal (error,
+						     FWUPD_ERROR,
+						     FWUPD_ERROR_INVALID_FILE,
+						     "duplicate signature, perhaps "
+						     "corrupt file");
+				return FALSE;
+			}
 			if (rcd->data->len > 0) {
 				g_autoptr(GBytes) data_sig = g_bytes_new (rcd->data->data, rcd->data->len);
 				g_autoptr(FuFirmwareImage) img_sig = fu_firmware_image_new (data_sig);
 				fu_firmware_image_set_id (img_sig, FU_FIRMWARE_IMAGE_ID_SIGNATURE);
 				fu_firmware_add_image (firmware, img_sig);
 			}
+			got_sig = TRUE;
 			break;
 		default:
 			/* vendors sneak in nonstandard sections past the EOF */