CVE-2025-11901

CVSS v2.0

7.2

High

Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions ASUS Motherboards with Intel B460, B560, B660, B760, H410, H510, H610, H470, Z590, Z690, Z790, W480, W680 series chipsets

Description An uncontrolled resource consumption issue affects certain ASUS motherboards utilizing Intel B460, B560, B660, B760, H410, H510, H610, H470, Z590, Z690, Z790, W480, and W680 series chipsets. Successful exploitation requires physical access to internal expansion slots to install a specifically designed device and accompanying software. This can lead to uncontrolled resource consumption, potentially increasing the risk of unauthorized direct memory access (DMA).

Recommendations Refer to the 'Security Update for UEFI firmware' section on the ASUS Security Advisory for updated firmware.

Fix

Improper Access Control

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-284

Related Identifiers

BDU:2026-00907

CVE-2025-11901

Affected Products

Asus Motherboards

Intel B460

Intel B560

Intel B660

Intel B760

Intel H410

Intel H470

Intel H510

Intel H610

Intel W480

Intel W680

Intel Z590

Intel Z690

Intel Z790

CVE-2025-11901

Weakness Enumeration

Related Identifiers

Affected Products

References · 14