Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

fstec логотип

BDU:2025-09304

Опубликовано: 15 апр. 2025
Источник: fstec
CVSS3: 8.2
CVSS2: 6.8
EPSS Низкий

Описание

Уязвимость функции SwSmiInputValue() обработчика System Management Interrupt (SMI) микропрограммного обеспечения материнских плат Gigabyte связана с разыменованием недоверенного указателя. Эксплуатация уязвимости может позволить нарушителю обойти ограничения безопасности, повысить свои привилегии и выполнить произвольный код

Вендор

Gigabyte Technology Co., Ltd.

Наименование ПО

GA-H110M-S2HP
Z590 GAMING X
H510M S2H V2
H510M S2H
GA-H110M-S2V
GA-H110M-S2H
H410M S2H V2 (rev. 1.9/2.1)
H410M H V2 (rev. 1.9)
GA-B150M-DS3H DDR3
GA-H110M-S2V DDR3
GA-H110M-S2 DDR3
H510M DS2
G1.Sniper M7
GA-B150-HD3P
GA-H110M-DS2 DDR3
Z390 AORUS PRO WIFI
Z390 AORUS PRO
Z490 AORUS MASTER
GA-H310TN-CM
H310M D3H
Z390 AORUS XTREME WATERFORCE
B360M D2V
B360M H
B360M GAMING HD
GA-H110M-D3H
GA-H110M-D3H R2 TPM
GA-H110M-D3H R2
B360 AORUS GAMING 3
B360 AORUS GAMING 3 WIFI
GA-B150-HD3 DDR3
H310M S2H
H310M DS2V
Z490 GAMING X AX
Z490 GAMING X
Z490 AORUS MASTER WATERFORCE
B460M H
B460M GAMING HD
GA-H110-D3A
B560 HD3
B460M DS3H AC
B460M AORUS PRO
H510M S2
B560M H V2
H510M DS2V
H510M H
Z490I AORUS ULTRA
GA-B150M-Gaming
B360 HD3P
GA-H110M-DS2 (rev. 1.0/1.1/1.2)
H470M K
H410M K
H510M K V2
H510M S2H V3
H410M H V2
H410M S2 V2
H510M H V2
H510M S2 V2
H470M H
Z590 AORUS MASTER
GA-H110M-DS2V DDR3
GA-B150M-DS3H
Z390 AORUS XTREME
H410M S2H V3
H410M DS2V V3
H410M S2 V3
H410M H V3
GA-H110M-DS2
GA-B150M-D2V
Z490 VISION D
C621 AORUS XTREME
GA-H110TN-E
B360M DS3H
H410M S2H V2
H410M DS2V V2
H510M K
Z590 AORUS ELITE AX
Z590 AORUS ELITE

Версия ПО

F22f (2024-07-31) (GA-H110M-S2HP)
F10 (2023-12-19) (Z590 GAMING X)
F13 (2023-12-19) (H510M S2H V2)
F17 (2023-12-19) (H510M S2H)
F26a (2024-07-31) (GA-H110M-S2V)
F26g (2024-07-31) (GA-H110M-S2H)
FA (2024-07-03) (H410M S2H V2 (rev. 1.9/2.1))
FA (2024-07-09) (H410M H V2 (rev. 1.9))
F21f (2024-07-31) (GA-B150M-DS3H DDR3)
F21e (2024-07-31) (GA-H110M-S2V DDR3)
F20g (2024-07-31) (GA-H110M-S2 DDR3)
F15 (2023-12-19) (H510M DS2)
F20h (2024-07-31) (G1.Sniper M7)
F24h (2024-07-31) (GA-B150-HD3P)
F20g (2024-07-31) (GA-H110M-DS2 DDR3)
F13 (2024-01-11) (Z390 AORUS PRO WIFI)
F13 (2024-01-11) (Z390 AORUS PRO)
F23 (2023-12-20) (Z490 AORUS MASTER)
F17 (2024-01-11) (GA-H310TN-CM)
F5 (2024-01-11) (H310M D3H)
F8 (2024-01-11) (Z390 AORUS XTREME WATERFORCE)
F16 (2024-01-10) (B360M D2V)
F16 (2024-01-10) (B360M H)
F16 (2024-01-10) (B360M GAMING HD)
F22f (2024-07-31) (GA-H110M-D3H)
F22e (2024-07-31) (GA-H110M-D3H R2 TPM)
F24a (2024-07-31) (GA-H110M-D3H R2)
F16 (2024-01-10) (B360 AORUS GAMING 3)
F16 (2024-01-10) (B360 AORUS GAMING 3 WIFI)
F20h (2024-07-31) (GA-B150-HD3 DDR3)
F18 (2024-01-11) (H310M S2H)
FQ (2024-01-11) (H310M S2H)
F17 (2024-01-11) (H310M DS2V)
F23 (2023-12-20) (Z490 GAMING X AX)
F23 (2023-12-20) (Z490 GAMING X)
F23 (2023-12-20) (Z490 AORUS MASTER WATERFORCE)
F5 (2024-01-04) (B460M H)
F7 (2024-01-04) (B460M GAMING HD)
F26a (2024-07-31) (GA-H110-D3A)
F17 (2023-12-19) (B560 HD3)
F7 (2024-01-04) (B460M DS3H AC)
F8 (2024-01-04) (B460M AORUS PRO)
F16 (2023-12-19) (H510M S2)
F4 (2023-12-19) (B560M H V2)
F16 (2023-12-19) (H510M DS2V)
F19 (2023-12-19) (H510M H)
F23 (2023-12-20) (Z490I AORUS ULTRA)
F20h (2024-07-31) (GA-B150M-Gaming)
F16 (2024-01-11) (B360 HD3P)
F28b (2024-07-31) (GA-H110M-DS2 (rev. 1.0/1.1/1.2))
F8 (2023-12-20) (H470M K)
FC (2023-12-20) (H410M K)
F3 (2023-12-20) (H510M K V2)
F3 (2023-12-20) (H510M S2H V3)
FC (2023-12-20) (H410M H V2)
F5 (2024-01-04) (H410M H V2)
FC (2023-12-20) (H410M S2 V2)
F5 (2024-01-04) (H410M S2 V2)
F3 (2023-12-20) (H510M H V2)
F3 (2023-12-20) (H510M S2 V2)
F5 (2023-12-20) (H470M H)
F10 (2023-12-19) (Z590 AORUS MASTER)
F22a (2024-07-31) (GA-H110M-DS2V DDR3)
F22h (2024-07-31) (GA-B150M-DS3H)
F10 (2024-01-11) (Z390 AORUS XTREME)
F9 (2023-12-20) (H410M S2H V3)
F9 (2023-12-20) (H410M DS2V V3)
F9 (2023-12-20) (H410M S2 V3)
F9 (2023-12-20) (H410M H V3)
FCa (2024-07-31) (GA-H110M-DS2)
F22f (2024-07-31) (GA-B150M-D2V)
F23 (2023-12-20) (Z490 VISION D)
F4b (2024-08-22) (C621 AORUS XTREME)
F23f (2024-07-31) (GA-H110TN-E)
F19 (2024-01-10) (B360M DS3H)
F6 (2024-01-04) (H410M S2H V2)
F5 (2024-01-04) (H410M DS2V V2)
F6 (2023-12-19) (H510M K)
F10 (2023-12-19) (Z590 AORUS ELITE AX)
F8 (2023-12-19) (Z590 AORUS ELITE)

Тип ПО

Микропрограммный код

Операционные системы и аппаратные платформы

-

Уровень опасности уязвимости

Средний уровень опасности (базовая оценка CVSS 2.0 составляет 6,8)
Высокий уровень опасности (базовая оценка CVSS 3.1 составляет 8,2)

Возможные меры по устранению уязвимости

Использование рекомендаций производителя:
https://www.gigabyte.com/Support/Security/2302

Статус уязвимости

Подтверждена производителем

Наличие эксплойта

Существует в открытом доступе

Информация об устранении

Уязвимость устранена

Ссылки на источники

Идентификаторы других систем описаний уязвимостей

EPSS

Процентиль: 5%
0.0002
Низкий

8.2 High

CVSS3

6.8 Medium

CVSS2

Связанные уязвимости

nvd логотип

CVE-2025-7026

CVSS3: 8.2
nvd
7 месяцев назад

A vulnerability in the Software SMI handler (SwSmiInputValue 0xB2) allows a local attacker to control the RBX register, which is used as an unchecked pointer in the CommandRcx0 function. If the contents at RBX match certain expected values (e.g., '$DB$' or '2DB$'), the function performs arbitrary writes to System Management RAM (SMRAM), leading to potential privilege escalation to System Management Mode (SMM) and persistent firmware compromise.

github логотип

GHSA-g884-34r9-cwxq

CVSS3: 8.2
github
7 месяцев назад

A vulnerability in the Software SMI handler (SwSmiInputValue 0xB2) allows a local attacker to control the RBX register, which is used as an unchecked pointer in the CommandRcx0 function. If the contents at RBX match certain expected values (e.g., '$DB$' or '2DB$'), the function performs arbitrary writes to System Management RAM (SMRAM), leading to potential privilege escalation to System Management Mode (SMM) and persistent firmware compromise.

EPSS

Процентиль: 5%
0.0002
Низкий

8.2 High

CVSS3

6.8 Medium

CVSS2