The Daily Patch
Back to News
vulnerability🌐InternationalThe Hacker News

New UEFI Flaw Enables Early-Boot DMA Attacks on ASRock, ASUS, GIGABYTE, MSI Motherboards

Friday, December 19, 2025

New UEFI Flaw Enables Early-Boot DMA Attacks on ASRock, ASUS, GIGABYTE, MSI Motherboards

What

A security vulnerability in UEFI implementations on specific motherboards allows physical attackers to exploit DMA capabilities, potentially accessing or altering system memory before operating system protections are active.

Where

International, affecting users of the specified motherboard brands globally.

When

The vulnerabilities were reported recently, with firmware updates being released to address the issues.

Key Factors

  • Vulnerability allows unauthorized memory access via DMA-capable PCIe devices.
  • Firmware indicates DMA protection is active but fails to enable IOMMU during boot.
  • Four specific CVEs have been identified, all with a CVSS score of 7.0.

Takeaways

  • End users and administrators must apply firmware updates promptly to mitigate risks.
  • The incident underscores the importance of secure firmware configuration in all environments, including virtualized and cloud systems.
  • Organizations should enforce strict physical access controls to systems to prevent exploitation.
Read Full Article

Opens original article on The Hacker News

Similar News

Over 10K Fortinet Firewalls Exposed to Actively Exploited 2FA Bypass

Over 10K Fortinet Firewalls Exposed to Actively Exploited 2FA Bypass

Kimwolf Botnet Exploits Residential Proxies to Infiltrate Home Networks

Kimwolf Botnet Exploits Residential Proxies to Infiltrate Home Networks

RondoDox Botnet Exploits Critical React2Shell Flaw in Next.js Servers

RondoDox Botnet Exploits Critical React2Shell Flaw in Next.js Servers

IBM API Connect Critical Authentication Bypass Disclosed

IBM API Connect Critical Authentication Bypass Disclosed