
Gigabyte UEFI Firmware Vulnerability Allows Code Execution in SMM Privileged Mode


Critical security vulnerabilities in Gigabyte motherboard firmware have been disclosed that allow attackers to execute arbitrary code in System Management Mode (SMM), the most privileged execution level on x86 processors.

The flaws, identified by security researchers at Binarly REsearch, affect multiple Gigabyte motherboard models and stem from improper validation of System Management Interrupt (SMI) handlers in UEFI firmware modules.

Technical Overview of the Vulnerabilities

The four vulnerabilities stem from weaknesses in how Gigabyte's UEFI firmware validates data passed to SMI handlers through SMI communication buffers.

System Management Mode operates at the so-called ring -2 privilege level, below the operating system kernel, which makes it an attractive target for attackers seeking to establish persistent, hard-to-detect malware that survives OS reinstallation and bypasses security mechanisms such as Secure Boot.

CVE ID | Vulnerable Component | Attack Vector | Impact
CVE-2025-7029 | Power/Thermal Config | Unchecked RBX register pointer | Arbitrary SMRAM writes via OcHeader/OcData manipulation
CVE-2025-7028 | Flash Service SMM | Function pointer corruption | ...
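The common defensive pattern against the class of bug described above (an SMI handler trusting a caller-supplied pointer or length) is to reject any communication buffer that is empty, oversized, wraps around the address space, or overlaps SMRAM before touching it, and to copy any header into SMRAM-local storage before reading fields from it. The following is an added example written for this article, not code from Gigabyte's firmware or from Binarly's advisory; the SMRAM base and size, the function names and the status codes are constructed for illustration.

```c
#include <stdint.h>
#include <stdbool.h>
#include <stdio.h>

/* Constructed SMRAM window for the example (not a real board's layout). */
#define SMRAM_BASE 0x7F000000ULL
#define SMRAM_SIZE 0x00800000ULL

/* Result codes for the hypothetical validation routine below. */
typedef enum {
    SMI_OK = 0,
    SMI_REJECT_NULL,     /* caller passed a NULL pointer            */
    SMI_REJECT_SIZE,     /* length is zero or exceeds the handler's cap */
    SMI_REJECT_OVERLAP   /* buffer overlaps SMRAM or wraps the address space */
} SmiStatus;

/* Returns true only if [addr, addr + len) lies entirely outside SMRAM and the
 * range does not wrap around 2^64. This is the check the "unchecked RBX
 * pointer" bug class is missing: without it a caller can point the handler at
 * SMRAM itself and turn a benign copy into an arbitrary SMRAM write. */
bool buffer_outside_smram(uint64_t addr, uint64_t len,
                          uint64_t smram_base, uint64_t smram_size)
{
    if (len == 0)
        return false;                      /* empty ranges are never accepted */
    if (len > UINT64_MAX - addr)
        return false;                      /* addr + len would wrap around   */
    uint64_t end = addr + len;             /* exclusive end, cannot overflow now */
    uint64_t smram_end = smram_base + smram_size;
    /* No overlap iff the buffer ends at or before SMRAM starts, or begins at
     * or after SMRAM ends. */
    return end <= smram_base || addr >= smram_end;
}

/* Validates a caller-supplied communication buffer before the handler uses it.
 * max_len is the largest payload this particular handler is willing to accept.
 * In real firmware the header would additionally be copied into an SMRAM-local
 * struct before any field (such as a data size) is read, so that the caller
 * cannot change it between the check and the use. */
SmiStatus validate_comm_buffer(uint64_t ptr, uint64_t declared_len, uint64_t max_len)
{
    if (ptr == 0)
        return SMI_REJECT_NULL;
    if (declared_len == 0 || declared_len > max_len)
        return SMI_REJECT_SIZE;
    if (!buffer_outside_smram(ptr, declared_len, SMRAM_BASE, SMRAM_SIZE))
        return SMI_REJECT_OVERLAP;
    return SMI_OK;
}

int main(void)
{
    /* Constructed inputs: a normal OS-side buffer, one inside SMRAM, one that
     * straddles the SMRAM boundary, and one that wraps the address space. */
    uint64_t cases[][2] = {
        { 0x1000ULL,                 0x100ULL },
        { SMRAM_BASE + 0x10ULL,      0x10ULL  },
        { SMRAM_BASE - 8ULL,         16ULL    },
        { 0xFFFFFFFFFFFFFFF0ULL,     0x20ULL  },
    };
    for (size_t i = 0; i < sizeof cases / sizeof cases[0]; i++) {
        SmiStatus s = validate_comm_buffer(cases[i][0], cases[i][1], 4096);
        printf("ptr=0x%016llx len=0x%llx -> status %d\n",
               (unsigned long long)cases[i][0],
               (unsigned long long)cases[i][1], (int)s);
    }
    return 0;
}
```

The two boundary cases matter most: a buffer that ends exactly at the SMRAM base or starts exactly at its end is legitimately outside SMRAM and must be accepted, while a buffer that crosses either boundary by even one byte, or whose end address wraps past 2^64, must be rejected. An overlap check written with signed arithmetic or without the wrap test will pass the last of those.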

Copyright of this story solely belongs to gbhackers.