Researchers at Binarly have disclosed multiple high-impact vulnerabilities affecting the UEFI firmware of over 240 Gigabyte motherboard models. These flaws allow privileged attackers to execute malicious code within System Management Mode (SMM), a highly privileged firmware layer, bypassing UEFI Secure Boot protections.
The vulnerabilities stem from insecurely implemented SMI (System Management Interrupt) handlers that fail to properly validate input from the operating system. This oversight permits an attacker to inject arbitrary code into SMM, granting them persistence below the OS level and the ability to subvert platform security features, including Secure Boot.
The affected motherboards span numerous Gigabyte product lines, with some older series boards also impacted. Notably, firmware updates are unavailable for several legacy models, leaving many systems potentially unprotected.
Gigabyte began releasing patched firmware on June 12, 2025. However, successful mitigation requires firmware updates by end users.
Users are strongly encouraged to:
- Check Gigabyte’s official support page for available firmware updates;
- Apply updates immediately;
- Â Verify Secure Boot remains enabled after the update;
- Â Consider replacing hardware that is no longer supported.
Due to the stealthy nature of firmware-based threats, affected systems may be susceptible to long-term compromise even after OS-level remediation.
Reference:
CVE-2025-7026,
CVE-2025-7027,
CVE-2025-7028,
CVE-2025-7029
VU#746790
