PT-2025-29260 · Intel · Intel Software Smi Handler

Published: 2025-04-15 · Updated: 2026-03-10 · CVE-2025-7026

CVSS v3.1: 8.2 (High)

Vector: AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Gigabyte motherboards (affected versions not specified)
Intel® H110
Intel® Z170, H170, B150, Q170
Intel® Z270, H270, B250, Q270
Intel® Z370, B365
Intel® Z390, H310, B360, Q370, C246
Intel® Z490, H470, H410, W480
Intel® Z590, B560, H510, Q570

Description

A vulnerability exists in the Software SMI handler (SwSmiInputValue 0xB2) that allows a local attacker to control the RBX register. This register is used as an unchecked pointer within the CommandRcx0 function. If the contents of RBX match specific values, such as '$DB$' or '2DB$', the function can perform arbitrary writes to System Management RAM (SMRAM). Successful exploitation may lead to privilege escalation to System Management Mode (SMM) and persistent firmware compromise. The vulnerability affects over 240 Gigabyte motherboard models and allows attackers to plant bootkits with root-level access.

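The missing check described above, as an added example (not Gigabyte or Intel firmware code): an overflow-safe test that a caller-supplied pointer, such as the saved RBX value, lies entirely outside SMRAM before a handler dereferences it. The SMRAM range, type names and function names are assumptions made for illustration; EDK II firmware provides the same kind of check as SmmIsBufferOutsideSmmValid.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

/* Constructed SMRAM layout for this example. Real firmware takes the
   ranges from the platform's SMRAM descriptors, not from constants. */
typedef struct { uint64_t base; uint64_t size; } smram_range_t;

static const smram_range_t SMRAM_RANGES[] = {
    { 0x7F000000ULL, 0x00800000ULL },   /* hypothetical 8 MiB TSEG */
};

/* True only if [addr, addr + len) is non-empty, does not wrap around
   the 64-bit address space, and overlaps no SMRAM range. */
bool buffer_outside_smram(uint64_t addr, uint64_t len)
{
    if (len == 0 || addr > UINT64_MAX - len)
        return false;                       /* empty or wrapping buffer */
    uint64_t end = addr + len;              /* exclusive end */
    for (size_t i = 0; i < sizeof SMRAM_RANGES / sizeof SMRAM_RANGES[0]; i++) {
        uint64_t s = SMRAM_RANGES[i].base;
        uint64_t e = s + SMRAM_RANGES[i].size;
        if (addr < e && end > s)
            return false;                   /* any overlap is rejected */
    }
    return true;
}

typedef enum { CMD_OK = 0, CMD_REJECTED = 1 } cmd_status_t;

/* Hypothetical handler entry point: saved_rbx is the register value the
   caller controls, struct_len the size the handler will read or write. */
cmd_status_t handle_command(uint64_t saved_rbx, uint64_t struct_len)
{
    if (!buffer_outside_smram(saved_rbx, struct_len))
        return CMD_REJECTED;                /* never touch the pointer */
    /* Only past this point may the handler dereference saved_rbx. */
    return CMD_OK;
}
```
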
Recommendations

Update to the latest BIOS versions as soon as they become available for Intel® H110 (scheduled for June 2025).
Contact the Field Application Engineer (FAE) for support for Intel® Z170, H170, B150, Q170, Intel® Z270, H270, B250, Q270, Intel® Z370, B365, as these platforms are end-of-life (EOL).
Update to the latest BIOS versions as soon as they become available for Intel® Z390, H310, B360, Q370, C246 (scheduled for June 2025).
Update to the latest BIOS versions as soon as they become available for Intel® Z490, H470, H410, W480 (scheduled for June 2025).
Update to the latest BIOS versions as soon as they become available for Intel® Z590, B560, H510, Q570 (scheduled for June 2025).

Fix

Untrusted Pointer Dereference

Weakness Enumeration

Related Identifiers

BDU:2025-09304
CVE-2025-7026

Affected Products

Intel Software Smi Handler