CVE-2025-14302

Name of the Vulnerable Software and Affected Versions GIGABYTE motherboard models (affected versions not specified)

Description A protection mechanism failure exists in certain GIGABYTE motherboard models due to improperly enabled IOMMU. This allows unauthenticated physical attackers with a DMA-capable PCIe device to read and write arbitrary physical memory before the operating system kernel and its security features are loaded. IOMMU (Input/Output Memory Management Unit) is a component of a motherboard that manages memory access for peripheral devices. When not properly enabled, it can lead to direct memory access (DMA) attacks, where an attacker can bypass the operating system and directly access system memory.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.