CVE-2025-11901_CVE-2025-11901

7 / 10

HIGH

CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Description

An uncontrolled resource consumption vulnerability affects certain ASUS motherboards using Intel B460, B560, B660, B760, H410, H510, H610, H470, Z590, Z690, Z790, W480, W680 series chipsets. Exploitation requires physical access to internal expansion slots to install a specially crafted device and supporting software utility, and may lead to uncontrolled resource consumption that increases the risk of unauthorized direct memory access (DMA).
Refer to the 'Security Update for UEFI firmware' section on the ASUS Security Advisory for more information.

Basic Information

ID CVE-2025-11901

Source ASUS

Published Dec 17, 2025 at 04:23

Affected Product

Vendor ASUS

Product B460 series

Version before 1805, 2002, 3002

Affected Versions ASUS B460 series before 1805, 2002, 3002
ASUS B560 series before 2402, 2803
ASUS B660 series before 3810, 4501
ASUS B760 series before 1825, 3102
ASUS H410 series before 1805, 2002
ASUS H470 series before 3002
ASUS H510 series before 2402, 2803
ASUS H610 series before 3810
ASUS W480 series before 1002, 2603, 3302
ASUS W680 series before 2015, 2701, 4501
ASUS Z590 series before 2402, 2803
ASUS Z690 series before 3810, 4501
ASUS Z790 series before 1825, 2102, 3102

CWE Classification

CWE-284

References

www.asus.com /security-advisory/

{
    "lastseen": "",
    "description": "An uncontrolled resource consumption vulnerability affects certain ASUS motherboards using\u00a0Intel  B460, B560, B660, B760, H410, H510, H610, H470, Z590, Z690, Z790, W480, W680 series chipsets. Exploitation requires physical access to internal expansion slots to install a specially crafted device and supporting software utility, and may lead to uncontrolled resource consumption that increases the risk of unauthorized direct memory access (DMA).\nRefer to the 'Security Update for UEFI firmware' section on the ASUS Security Advisory for more information.",
    "published": "2025-12-17T04:23:51.784Z",
    "modified": "2025-12-17T04:23:51.784Z",
    "type": "cve",
    "title": "CVE-2025-11901",
    "source": "ASUS",
    "references": "https://www.asus.com/security-advisory/",
    "id": "CVE-2025-11901",
    "bulletinFamily": "",
    "cwe": [
        "CWE-284"
    ],
    "cvelist": null,
    "sourceData": "ASUS B460 series before 1805, 2002, 3002\nASUS B560 series before 2402, 2803\nASUS B660 series before 3810, 4501\nASUS B760 series before 1825, 3102\nASUS H410 series before 1805, 2002\nASUS H470 series before 3002\nASUS H510 series before 2402, 2803\nASUS H610 series before 3810\nASUS W480 series before 1002, 2603, 3302\nASUS W680 series before 2015, 2701, 4501\nASUS Z590 series before 2402, 2803\nASUS Z690 series before 3810, 4501\nASUS Z790 series before 1825, 2102, 3102",
    "sourceHref": "",
    "cvss": {
        "score": 7,
        "severity": "HIGH",
        "vector": "CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "B460 series",
    "version": "before 1805, 2002, 3002",
    "vendor": "ASUS",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}