CVE-2025-14302

Summary

Certain motherboard models developed by GIGABYTE has a Protection Mechanism Failure vulnerability. Because IOMMU was not properly enabled, unauthenticated physical attackers can use a DMA-capable PCIe device to read and write arbitrary physical memory before the OS kernel and its security features are loaded.

Affected Software

VendorProductVersion RangeStatus
GIGABYTEintel 600 chipset Motherboard0affected
GIGABYTEintel 700 chipset Motherboard0affected
GIGABYTEintel 800 chipset Motherboard0affected
GIGABYTEAMD 600 chipset motherboard0affected
GIGABYTEAMD 800 chipset motherboard0affected
GIGABYTEAMD TRX50 chipset motherboard0affected

Weaknesses

  • CWE-693: CWE-693 Protection Mechanism Failure

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References