- UEFI flaw leaves ASUS, Gigabyte, MSI, and ASRock motherboards exposed to DMA attacks
- Firmware falsely reports IOMMU protection enabled, allowing malicious PCIe devices pre-boot access
- Riot Games discovered the issue; users should apply vendor firmware updates to mitigate risk
A vulnerability in the implementation of UEFI firmware has left many popular motherboards vulnerable to direct memory access (DMA) attacks, researchers have warned, with these attacks possibly resulting in stubbornly persistent access, exposure of encryption keys and credentials, and a myriad of other problems.
Most modern computers use UEFI firmware, low-level software built into the motherboard that initializes hardware and securely starts the operating system. Among other things, the firmware is responsible for initializing and correctly enabling the Input-Output Memory Management Unit (IOMMU) isolation layer.
This hardware-enforced layer sits between system RAM and devices that can read and write directly to RAM without involving the CPU – direct memory access (DMA) devices. These include PCIe cards, Thunderbolt devices, GPUs, and similar. When it is properly initialized, a malicious device can't read or write arbitrary memory.
False positives
The vulnerability occurs because, on affected motherboards, the UEFI firmware reports that DMA protection is enabled even though the IOMMU was never correctly initialized. In other words, the system believes the memory firewall is on when it is not enforcing any rules yet.
Since different vendors implement this feature differently, the vulnerability is tracked under different identifiers: CVE-2025-11901, CVE-2025-14302, CVE-2025-14303, and CVE-2025-14304. It affects some motherboards from ASUS, Gigabyte, MSI, and ASRock.
It was first discovered by researchers from Riot Games, creators of some of the world's most popular multiplayer games, such as League of Legends and Valorant. Riot has a tool called Vanguard, which works at kernel level and prevents cheats from being used. On vulnerable systems, Vanguard blocks Valorant from starting.
While the vulnerability does sound ominous, there is a major caveat – a PCIe device needs to be connected for a DMA attack, before the operating system starts. Still, users are advised to check with their motherboard manufacturers for firmware updates.
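For the firmware-update check advised above, a Linux triage sketch (an added example, not from the article or any vendor) that reads the board vendor and BIOS version from sysfs so they can be compared against the vendor's advisory. The vendor substrings and the `triage` function are assumptions made for illustration; the article lists no affected BIOS versions, so the script only identifies boards worth checking.

```python
import os

# Vendors named in the article, keyed by a lowercase substring of the
# DMI board_vendor string (substrings are an assumption, not from the article).
AFFECTED_VENDORS = {"asus": "ASUS", "gigabyte": "Gigabyte",
                    "micro-star": "MSI", "msi": "MSI", "asrock": "ASRock"}

def _read(path):
    """Return the stripped contents of a sysfs file, or '' if unreadable."""
    try:
        with open(path, encoding="utf-8", errors="replace") as fh:
            return fh.read().strip()
    except OSError:
        return ""

def triage(root="/"):
    """Collect board/BIOS identity and the OS-runtime IOMMU group count."""
    dmi = os.path.join(root, "sys/class/dmi/id")
    info = {key: _read(os.path.join(dmi, key))
            for key in ("board_vendor", "board_name", "bios_version", "bios_date")}
    vendor = info["board_vendor"].lower()
    info["vendor_match"] = next(
        (name for key, name in AFFECTED_VENDORS.items() if key in vendor), None)
    # iommu_groups shows what the running kernel set up. It says nothing about
    # the pre-boot window the article describes, so a non-zero count is not
    # evidence that the firmware is fixed.
    try:
        info["iommu_groups"] = len(os.listdir(os.path.join(root, "sys/kernel/iommu_groups")))
    except OSError:
        info["iommu_groups"] = 0
    if info["vendor_match"]:
        info["action"] = ("compare BIOS %s (%s) with the %s advisory and update if older"
                          % (info["bios_version"], info["bios_date"], info["vendor_match"]))
    else:
        info["action"] = "board vendor not among those named in the article"
    return info

if __name__ == "__main__":
    for key, value in triage().items():
        print("%-13s %s" % (key, value))
```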
Via BleepingComputer
