GIGABYTE has identified multiple memory corruption vulnerabilities in the System Management Mode (SMM) modules used in several legacy GIGABYTE and AORUS consumer motherboards. These vulnerabilities are present only on older Intel platforms; newer platforms are not affected.
Read the full advisory here:
Impact
Successful exploitation of these vulnerabilities could allow a local attacker to gain elevated privileges or execute arbitrary code within the highly privileged SMM environment.
Mitigation Plan
GIGABYTE is actively releasing BIOS updates to address these issues. Please refer to the schedule below:
Platform BIOS Release Schedule
Intel® H110: June 2025
Intel® Z170, H170, B150, Q170: End of Life – Contact your FAE for support
Intel® Z270, H270, B250, Q270: End of Life – Contact your FAE for support
Intel® Z370, B365: End of Life – Contact your FAE for support
Intel® Z390, H310, B360, Q370, C246: June 2025
Intel® Z490, H470, H410, W480: June 2025
Intel® Z590, B560, H510, Q570: June 2025
Action Required
Users of the affected platforms are strongly encouraged to update to the latest BIOS versions as soon as they become available.
GIGABYTE is committed to maintaining the security and stability of our products, and we appreciate your prompt attention to this advisory.
