CVE-2025-7028 Information
Jul 12, 2025
Description
A vulnerability in the Software SMI handler (SwSmiInputValue 0x20) allows a local attacker to supply a crafted pointer (FuncBlock) through RBX and RCX register values. This pointer is passed unchecked into multiple flash management functions (ReadFlash, WriteFlash, EraseFlash, and GetFlashInfo) that dereference both the structure and its nested members, such as BufAddr. This enables arbitrary read/write access to System Management RAM (SMRAM), allowing an attacker to corrupt firmware memory, exfiltrate SMRAM content via flash, or install persistent implants.
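The check whose absence is described above, as an added example that is not code from the vendor, the advisories or the affected firmware: both the FuncBlock pointer and its nested BufAddr are validated against SMRAM before any flash routine dereferences them. The SMRAM window, the BufSize field and the function names are assumptions made for the illustration.

```c
#include <stdint.h>

/* Constructed SMRAM window for this example; real firmware takes its
 * ranges from the platform's SMRAM descriptors. */
#define SMRAM_BASE 0x7F000000ULL
#define SMRAM_SIZE 0x01000000ULL

/* Hypothetical layout: only the BufAddr member is named in the description. */
typedef struct {
    uint64_t BufAddr;   /* caller-supplied data buffer */
    uint64_t BufSize;   /* assumed length field */
} func_block_t;

/* Returns 1 if [base, base+len) is non-empty, does not wrap around the
 * address space, and does not overlap SMRAM; 0 otherwise. */
static int range_outside_smram(uint64_t base, uint64_t len)
{
    if (len == 0 || base + len < base)      /* empty, or wraps past 2^64 */
        return 0;
    uint64_t end = base + len;
    return end <= SMRAM_BASE || base >= SMRAM_BASE + SMRAM_SIZE;
}

/* Validate the outer pointer first, then the nested one. `snap` stands for
 * a copy of the structure taken into SMRAM only after the first check has
 * passed, so the OS cannot change BufAddr between validation and use. */
static int func_block_ok(uint64_t fb_addr, const func_block_t *snap)
{
    if (!range_outside_smram(fb_addr, sizeof(*snap)))
        return 0;
    return range_outside_smram(snap->BufAddr, snap->BufSize);
}

int main(void)
{
    /* Constructed request whose nested buffer points into SMRAM. */
    func_block_t nested = { SMRAM_BASE + 0x1000, 0x100 };
    return func_block_ok(0x1000, &nested);  /* 0: the handler must reject it */
}
```

A handler built this way returns an error to the caller whenever `func_block_ok` yields 0, and passes only the validated copy to the flash routines.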
Reference
https://kb.cert.org/vuls/id/746790
https://www.binarly.io/advisories/brly-dva-2025-010
https://www.gigabyte.com/Support/Security
Related CNNVD
CNNVD-202507-1678 (Published: 2025-07-11)