New UEFI Firmware Flaw Exposes Standard Motherboards To Assaults

Cybersecurity specialists simply discovered a flaw in the UEFI firmware that many fashionable motherboards use. The “bug” might let attackers do direct reminiscence entry (DMA) assaults on methods, which can allow unauthorized customers to realize deep and protracted entry to affected methods underneath sure situations, and the worst half is that it impacts boards from a number of main producers, together with Gigabyte, MSI, ASUS, and ASRock.

To offer you context, the PC motherboard incorporates low-level software program known as UEFI, or Unified Extensible Firmware Interface, which securely begins the working system and initializes {hardware} parts. One in all its major safety obligations is to allow the Enter-Output Reminiscence Administration Unit (IOMMU), a hardware-based isolation mechanism that’s meant to safeguard system reminiscence. If arrange appropriately, the IOMMU stops exterior units from studying or writing to random elements of system RAM.

Parts corresponding to PCIe growth playing cards, Thunderbolt peripherals, GPUs, and related {hardware} that may entry reminiscence immediately with out passing by the CPU are included in DMA-capable units. Malicious or compromised {hardware} can have much less of an impression as a result of these units are restricted to explicit reminiscence areas if the IOMMU is operational and correctly initialized.

The just lately found vulnerability is brought on by the incorrect method this safety was arrange; in affected motherboards, the UEFI firmware says that DMA safety is on, regardless that the IOMMU was by no means absolutely or appropriately arrange, after which the working system consequently assumes that reminiscence protections are carried out, regardless that they aren’t actively enforced.

The difficulty is being tracked underneath a number of vulnerability identifiers: CVE-2025-11901, CVE-2025-14302, CVE-2025-14303, and CVE-2025-14304, as motherboard distributors implement UEFI options in a different way.

Researchers at Riot Video games, the developer of well-known multiplayer video games like League of Legends and Valorant, have been the primary ones to determine the vulnerability. Vanguard, Riot’s anti-cheat system, is carried out on the kernel degree and incorporates safeguards which are meant to forestall unauthorized system manipulation. Valorant could also be prevented from launching on methods which are affected by this particular flaw, as it detects an unsafe {hardware} safety state.

There’s an necessary limitation to consider, regardless that the attainable impact could possibly be horrible: the flexibility to bodily entry the system and join a malicious PCIe or related machine earlier than the working system boots up are stipulations for a DMA assault. Consequently, the likelihood of widespread exploitation is considerably diminished, significantly for residential customers.

Customers are being suggested to monitor updates from their motherboard producers and apply any accessible firmware patches. Updating the UEFI firmware remains to be important to preserving system safety, significantly in mild of the continuing evolution of hardware-level assaults.

Filed in Computers. Learn extra about Asus, Cybersecurity, Gigabyte, Msi and Security.