CVE-2025-14304

Name of the Vulnerable Software and Affected Versions ASRock, ASRockRack, and ASRockInd motherboards (affected versions not specified)

Description Certain motherboard models developed by ASRock and its subsidiaries, ASRockRack and ASRockInd, exhibit a Protection Mechanism Failure. This is due to IOMMU not being properly enabled. An unauthenticated physical attacker with a DMA-capable PCIe device can read and write arbitrary physical memory before the operating system kernel and its security features are loaded.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.