A new UEFI flaw exposes some ASRock, ASUS, GIGABYTE, and MSI motherboards to early-boot DMA attacks, bypassing IOMMU protections.
Researchers warn of a new UEFI vulnerability that affects select ASRock, ASUS, GIGABYTE, and MSI motherboards, enabling early-boot DMA attacks that bypass IOMMU protections.
UEFI (Unified Extensible Firmware Interface) is the modern firmware standard that initializes hardware and starts the operating system during boot, replacing legacy BIOS. It runs before the OS loads and has high privileges, making it a critical security boundary. IOMMU (Input–Output Memory Management Unit) is a hardware feature that controls how devices like GPUs or network cards access system memory, preventing unauthorized direct memory access (DMA). Together, UEFI and IOMMU are designed to ensure secure boot and isolate devices, but flaws in their implementation can expose systems to powerful early-boot attacks.
Modern systems use UEFI and IOMMU to protect memory during boot by restricting DMA-capable devices. A flaw in some UEFI implementations falsely reports DMA protection as active while failing to enable the IOMMU early in the boot process. This gap allows malicious PCIe devices with physical access to read or modify memory before OS protections load. Vendors are issuing firmware updates, which users should apply promptly to mitigate pre-boot DMA attack risks.
The researchers Nick Peterson and Mohamed Al-Sharifi of Riot Games discovered te vulnerability that impacts certain UEFI implementations.
“A newly identified vulnerability in some UEFI-supported motherboard models leaves systems vulnerable to early-boot DMA attacks across architectures that implement UEFI and IOMMU. Although the firmware indicates that DMA protection is active, it fails to correctly initialize the IOMMU.” reads the advisory published by the CERT Coordination Center (CERT/CC). “Therefore, a malicious PCIe device with physical access can read or modify system memory before the operating system’s defenses load. This exposes sensitive data and enables pre-boot code injection on affected systems running unpatched firmware.”
ASRock, Asus, Gigabyte, and MSI confirmed some motherboards are affected and have issued advisories with firmware patch information.
Affected vendors are releasing firmware updates to fix IOMMU initialization and restore DMA protections. Users should patch promptly, especially where physical access isn’t tightly controlled, to prevent pre-boot DMA attacks and protect system integrity.
“This gap allows a malicious DMA-capable Peripheral Component Interconnect Express (PCIe) device with physical access to read or modify system memory before operating system-level safeguards are established.” continues the report. “As a result, attackers could potentially access sensitive data in memory or influence the initial state of the system, thus undermining the integrity of the boot process.”
Users and admins should promptly apply firmware updates to fix IOMMU initialization and restore DMA protections, monitoring vendor advisories for new patches.
“In environments where physical access cannot be fully controlled or relied on, prompt patching and adherence to hardware security best practices are especially important,” CERT/CC concludes. “Because the IOMMU also plays a foundational role in isolation and trust delegation in virtualized and cloud environments, this flaw highlights the importance of ensuring correct firmware configuration even on systems not typically used in data centers.”
The vulnerabilities that allow bypassing early-boot memory protection are listed below:
- CVE-2025-11901 (CVSS score: 7.0) – Certain ASUS motherboards with Intel B/H/Z/W series chipsets have a vulnerability that allows physical attackers to cause uncontrolled resource use, raising DMA risk.
- CVE-2025-14302 (CVSS score: 7.0) – Some GIGABYTE motherboards have a Protection Mechanism Failure: improper IOMMU setup lets physical attackers use DMA-capable PCIe devices to access memory before the OS loads.
- CVE-2025-14303 (CVSS score: 7.0) – Some MSI motherboards have a Protection Mechanism Failure, allowing physical attackers with DMA-capable PCIe devices to access memory before the OS loads.
- CVE-2025-14304 (CVSS score: 7.0) – Some ASRock, ASRockRack, and ASRockInd motherboards have a Protection Mechanism Failure, letting physical attackers with DMA-capable PCIe devices access memory before the OS loads.
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
Pierluigi Paganini
(SecurityAffairs – hacking, UEFI)