Trend-Forward Shopping Made Affordable – Find Your Next Favorite Item Today!

New UEFI Firmware Flaw Exposes Well-liked Motherboards To Assaults

Cybersecurity specialists simply discovered a flaw in the UEFI firmware that many trendy motherboards use. The “bug” might let attackers do direct reminiscence entry (DMA) assaults on techniques, which can allow unauthorized customers to realize deep and protracted entry to affected techniques beneath sure situations, and the worst half is that it impacts boards from a number of main producers, together with Gigabyte, MSI, ASUS, and ASRock.

To offer you context, the PC motherboard comprises low-level software program known as UEFI, or Unified Extensible Firmware Interface, which securely begins the working system and initializes {hardware} parts. One in every of its main safety obligations is to allow the Enter-Output Reminiscence Administration Unit (IOMMU), a hardware-based isolation mechanism that’s meant to safeguard system reminiscence. If arrange accurately, the IOMMU stops exterior units from studying or writing to random components of system RAM.

Elements comparable to PCIe growth playing cards, Thunderbolt peripherals, GPUs, and related {hardware} that may entry reminiscence instantly with out passing via the CPU are included in DMA-capable units. Malicious or compromised {hardware} can have much less of an influence as a result of these units are restricted to explicit reminiscence areas if the IOMMU is operational and correctly initialized.

The just lately found vulnerability is attributable to the unsuitable approach this safety was arrange; in affected motherboards, the UEFI firmware says that DMA safety is on, although the IOMMU was by no means totally or accurately arrange, after which the working system consequently assumes that reminiscence protections are applied, although they don’t seem to be actively enforced.

The difficulty is being tracked beneath a number of vulnerability identifiers: CVE-2025-11901, CVE-2025-14302, CVE-2025-14303, and CVE-2025-14304, as motherboard distributors implement UEFI options otherwise.

Researchers at Riot Video games, the developer of well-known multiplayer video games like League of Legends and Valorant, have been the primary ones to establish the vulnerability. Vanguard, Riot’s anti-cheat system, is applied on the kernel degree and incorporates safeguards which are meant to forestall unauthorized system manipulation. Valorant could also be prevented from launching on techniques which are affected by this particular flaw, as it detects an unsafe {hardware} safety state.

There’s an necessary limitation to consider, although the potential impact could possibly be horrible: the flexibility to bodily entry the system and join a malicious PCIe or related machine earlier than the working system boots up are stipulations for a DMA assault. Consequently, the likelihood of widespread exploitation is considerably diminished, notably for residential customers.

Customers are being suggested to monitor updates from their motherboard producers and apply any accessible firmware patches. Updating the UEFI firmware remains to be important to preserving system safety, notably in mild of the continued evolution of hardware-level assaults.

Filed in Computers. Learn extra about , , , and .

Trending Merchandise

- 33% Lenovo Ideapad Laptop Touchscreen 1...
Original price was: $823.50.Current price is: $549.00.

Lenovo Ideapad Laptop Touchscreen 1...

0
Add to compare
- 12% Lenovo Latest 15.6″ FHD Lapto...
Original price was: $429.00.Current price is: $378.99.

Lenovo Latest 15.6″ FHD Lapto...

0
Add to compare
- 10% LG FHD 32-Inch Pc Monitor 32ML600M-...
Original price was: $199.99.Current price is: $179.99.

LG FHD 32-Inch Pc Monitor 32ML600M-...

0
Add to compare
- 27% MSI MPG GUNGNIR 110R – Premiu...
Original price was: $109.99.Current price is: $79.99.

MSI MPG GUNGNIR 110R – Premiu...

0
Add to compare
- 30% Wireless Keyboard and Mouse Combo, ...
Original price was: $47.18.Current price is: $32.99.

Wireless Keyboard and Mouse Combo, ...

0
Add to compare
- 35% LG 24MP60G-B 24″ Full HD (192...
Original price was: $154.98.Current price is: $99.99.

LG 24MP60G-B 24″ Full HD (192...

0
Add to compare
- 43% Lian Li O11 Vision -Three Sided Tem...
Original price was: $244.98.Current price is: $139.99.

Lian Li O11 Vision -Three Sided Tem...

0
Add to compare
- 38% Dell Inspiron 15 3000 3520 Business...
Original price was: $808.22.Current price is: $498.90.

Dell Inspiron 15 3000 3520 Business...

0
Add to compare
- 36% Logitech Wave Keys MK670 Combo, Wir...
Original price was: $124.78.Current price is: $79.99.

Logitech Wave Keys MK670 Combo, Wir...

0
Add to compare
- 23% CORSAIR 6500X Tempered Glass Mid-To...
Original price was: $199.99.Current price is: $154.99.

CORSAIR 6500X Tempered Glass Mid-To...

0
Add to compare
.

We will be happy to hear your thoughts

Leave a reply

SavvyTrendStore
Logo
Register New Account
Compare items
  • Total (0)
Compare
0
Shopping cart