Protection Mechanism Failure in GIGABYTE Motherboards
CVE-2025-14302

7HIGH

Key Information:

Vendor

Gigabyte

Status
Intel 600 Chipset Motherboard
Intel 700 Chipset Motherboard
Intel 800 Chipset Motherboard
Amd 600 Chipset Motherboard
Vendor
CVE Published:
17 December 2025

What is CVE-2025-14302?

Certain motherboard models developed by GIGABYTE exhibit a vulnerability due to improper enabling of the IOMMU protection mechanism. This flaw allows unauthenticated physical attackers to exploit DMA-capable PCIe devices, facilitating unauthorized read and write access to arbitrary physical memory before the operating system kernel and its associated security features are initiated.

Affected Version(s)

AMD 600 chipset motherboard 0

AMD 800 chipset motherboard 0

AMD TRX50 chipset motherboard 0

References

https://www.twcert.org.tw/tw/cp-132-10574-ddf09-1.html
third-party-advisory
https://www.twcert.org.tw/en/cp-139-10575-e4f41-2.html
third-party-advisory
https://www.gigabyte.com/Support/Security?type=1
vendor-advisory

CVSS V4

Score:
7
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Physical
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.
CVE-2025-14302 : Protection Mechanism Failure in GIGABYTE Motherboards