New UEFI Firmware Flaw Exposes Well-liked Motherboards To Assaults

Cybersecurity consultants simply discovered a flaw in the UEFI firmware that many trendy motherboards use. The “bug” may let attackers do direct reminiscence entry (DMA) assaults on techniques, which can allow unauthorized customers to achieve deep and protracted entry to affected techniques below sure situations, and the worst half is that it impacts boards from a number of main producers, together with Gigabyte, MSI, ASUS, and ASRock.

To offer you context, the PC motherboard accommodates low-level software program referred to as UEFI, or Unified Extensible Firmware Interface, which securely begins the working system and initializes {hardware} elements. Considered one of its major safety obligations is to allow the Enter-Output Reminiscence Administration Unit (IOMMU), a hardware-based isolation mechanism that’s meant to safeguard system reminiscence. If arrange accurately, the IOMMU stops exterior units from studying or writing to random components of system RAM.

Parts corresponding to PCIe growth playing cards, Thunderbolt peripherals, GPUs, and related {hardware} that may entry reminiscence instantly with out passing via the CPU are included in DMA-capable units. Malicious or compromised {hardware} can have much less of an impression as a result of these units are restricted to specific reminiscence areas if the IOMMU is operational and correctly initialized.

The not too long ago found vulnerability is attributable to the fallacious method this safety was arrange; in affected motherboards, the UEFI firmware says that DMA safety is on, despite the fact that the IOMMU was by no means absolutely or accurately arrange, after which the working system consequently assumes that reminiscence protections are applied, despite the fact that they aren’t actively enforced.

The problem is being tracked below a number of vulnerability identifiers: CVE-2025-11901, CVE-2025-14302, CVE-2025-14303, and CVE-2025-14304, as motherboard distributors implement UEFI options otherwise.

Researchers at Riot Video games, the developer of well-known multiplayer video games like League of Legends and Valorant, have been the primary ones to establish the vulnerability. Vanguard, Riot’s anti-cheat system, is applied on the kernel stage and incorporates safeguards which are meant to stop unauthorized system manipulation. Valorant could also be prevented from launching on techniques which are affected by this particular flaw, as it detects an unsafe {hardware} safety state.

There’s an vital limitation to consider, despite the fact that the doable impact may very well be horrible: the flexibility to bodily entry the system and join a malicious PCIe or related system earlier than the working system boots up are stipulations for a DMA assault. Consequently, the chance of widespread exploitation is considerably diminished, significantly for residential customers.

Customers are being suggested to monitor updates from their motherboard producers and apply any out there firmware patches. Updating the UEFI firmware continues to be important to preserving system safety, significantly in mild of the continued evolution of hardware-level assaults.

Filed in Computers. Learn extra about Asus, Cybersecurity, Gigabyte, Msi and Security.