top of page
perceptive_background_267k.jpg

New UEFI flaw enables pre-boot attacks on motherboards from Gigabyte, MSI, ASUS, ASRock

Published:

19 december 2025 om 15:54:48

Alert date:

19 december 2025 om 16:02:35

Source:

bleepingcomputer.com

Click to open the original link from this advisory

Operating Systems, Zero-Day Vulnerabilities, Critical Infrastructure

A new UEFI firmware vulnerability affects motherboards from major manufacturers including ASUS, Gigabyte, MSI, and ASRock. The flaw enables direct memory access (DMA) attacks that can bypass early-boot memory protections. This represents a significant security risk as UEFI-level vulnerabilities can compromise systems before the operating system loads, making them particularly dangerous for persistent attacks. The vulnerability affects multiple major motherboard manufacturers, indicating a widespread impact across the PC hardware ecosystem.

Technical details

UEFI firmware implementation vulnerability allows direct memory access (DMA) attacks that bypass early-boot memory protections. The vulnerability causes UEFI firmware to incorrectly show that DMA protection is enabled even when IOMMU did not initialize correctly. During early boot phase, IOMMU must activate before DMA attacks are possible, but the firmware fails to properly configure and enable IOMMU during early hand-off phase. Malicious PCIe devices with physical access can read or modify system memory before operating system-level safeguards are established. Attacks occur before OS boot with no warnings from security tools, permission prompts, or user alerts.

Mitigation steps:

Check for available firmware updates from motherboard manufacturers
Install firmware updates after backing up important data
Check manufacturer security bulletins for specific affected models (ASUS, MSI, Gigabyte, ASRock)
Update Vanguard anti-cheat system if using Riot Games titles
Monitor for VAN:Restriction system prompts in affected games

Affected products:

ASUS motherboards (specific models listed in security bulletins)
Gigabyte motherboards (specific models listed in security bulletins)
MSI motherboards (specific models listed in security bulletins)
ASRock motherboards (specific models listed in security bulletins)
Riot Games Valorant
Riot Games League of Legends

Related links:

https://tinyurl.com/twcert
https://www.twcert.org.tw/en/lp-139-2.html
https://www.riotgames.com/en/news/vanguard-security-update-motherboard
https://www.kb.cert.org/vuls/id/382314
https://www.asus.com/security-advisory/
https://csr.msi.com/global/product-security-advisories
https://www.gigabyte.com/Support/Security?type=1
https://www.asrock.com/support/Security.asp

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

About us

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Deze website toont informatie afkomstig van externe bronnen; Perceptive aanvaardt geen verantwoordelijkheid voor de juistheid, volledigheid of actualiteit van deze informatie.

bottom of page