Medium Published: Dec 17, 2025

CVE-2025-14302

6.8 CVSS Score Medium

Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Export CVE-2025-14302 Data:

Link copied!

Description

Certain motherboard models developed by GIGABYTE has a Protection Mechanism Failure vulnerability. Because IOMMU was not properly enabled, unauthenticated physical attackers can use a DMA-capable PCIe device to read and write arbitrary physical memory before the OS kernel and its security features are loaded.

CVSS Vector Details

Attack Vector Physical

Attack Complexity Low

Privileges Required None

User Interaction None

Scope Unchanged

Confidentiality High

Integrity High

Availability High

Weaknesses (CWE)

CWE-693

References & External Links

https://www.gigabyte.com/Support/Security?type=1
https://www.twcert.org.tw/en/cp-139-10575-e4f41-2.html
https://www.twcert.org.tw/tw/cp-132-10574-ddf09-1.html

External Resources

NVD Official Record Exploit-DB Search Exploits CVE Details Statistics GitHub PoC / Tools X / Twitter Discussions Google Search More

CVE History Timeline

Dec 17, 2025 03:15 New CVE Received

← Back to CVE Tracker