VDB

CVE-2025-14304

CVE-2025-14304 PUBLISHED CVSS 6.800000190734863 MEDIUM

Certain motherboard models developed by ASRock and its subsidiaries, ASRockRack and ASRockInd. has a Protection Mechanism Failure vulnerability. Because IOMMU was not properly enabled, unauthenticated physical attackers can use a DMA-capable PCIe device to read and write arbitrary physical memory before the OS kernel and its security features are loaded.

EPSS 0.08% · 23.1th percentile

Risk Scores

CVSS 3.1
6.800000190734863
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
0.08%
23.1th percentile

Affected Products

VendorProductVersions
ASRockIntel 700 chipset motherboard0
ASRockIntel 500 chipset motherboard0
ASRockRackIntel 700 chipset motherboard0
ASRockIndIntel 800 chipset motherboard0
ASRockRackIntel 800 chipset motherboard0
ASRockIndIntel 500 chipset motherboard0
ASRockIntel 800 chipset motherboard0
ASRockIndIntel 600 chipset motherboard0
ASRockIndIntel 700 chipset motherboard0
ASRockRackIntel 500 chipset motherboard0
ASRockRackIntel 600 chipset motherboard0
ASRockIntel 600 chipset motherboard0

Timeline

  • Dec 9, 2025 CVE ID Reserved
  • Dec 17, 2025 EPSS Score
  • Dec 17, 2025 CVE Published
  • Dec 17, 2025 CVE Updated
  • Dec 19, 2025 PoC Published
  • Dec 21, 2025 EPSS Score
  • Dec 25, 2025 EPSS Score
  • Dec 29, 2025 EPSS Score
  • Jan 2, 2026 EPSS Score
  • Jan 6, 2026 EPSS Score
  • Jan 10, 2026 EPSS Score
  • Jan 14, 2026 EPSS Score
Open in Interactive Console →
$ Console Community · 100/wk Open console ›