exploitDog

CVE-2025-14304

Опубликовано: 17 дек. 2025

Источник: nvd

CVSS3: 6.8

EPSS Низкий

Описание

Certain motherboard models developed by ASRock and its subsidiaries, ASRockRack and ASRockInd. has a Protection Mechanism Failure vulnerability. Because IOMMU was not properly enabled, unauthenticated physical attackers can use a DMA-capable PCIe device to read and write arbitrary physical memory before the OS kernel and its security features are loaded.

Ссылки

EPSS

Процентиль: 24%

0.00083

Низкий

6.8 Medium

CVSS3

Дефекты

CWE-693

Связанные уязвимости

GHSA-phpw-4hqh-3488

CVSS3: 6.8

github

около 2 месяцев назад

Certain motherboard models developed by ASRock and its subsidiaries, ASRockRack and ASRockInd. has a Protection Mechanism Failure vulnerability. Because IOMMU was not properly enabled, unauthenticated physical attackers can use a DMA-capable PCIe device to read and write arbitrary physical memory before the OS kernel and its security features are loaded.

BDU:2026-00909

CVSS3: 6.8

fstec

около 2 месяцев назад

Уязвимость микропрограммного обеспечения UEFI материнских плат ASRock на базе чипсетов Intel 500, 600,700 и 800, позволяющая нарушителю провести DMA-атаку и обойти существующие ограничения безопасности

EPSS

Процентиль: 24%

0.00083

Низкий

6.8 Medium

CVSS3

Дефекты

CWE-693