CVE-2025-7029

HIGH 8.2

SMM Arbitrary Write via Unchecked OcHeader Buffer in Platform Configuration Handler

CVSS Score

8.2

EPSS Score

0.0%

EPSS Percentile

0th

A vulnerability in the Software SMI handler (SwSmiInputValue 0xB2) allows a local attacker to control the RBX register, which is used to derive pointers (OcHeader, OcData) passed into power and thermal configuration logic. These buffers are not validated before performing multiple structured memory writes based on OcSetup NVRAM values, enabling arbitrary SMRAM corruption and potential SMM privilege escalation.

Vendor	gigabyte
Product	uefi-overclocksmihandler
Published	Jul 11, 2025
Last Updated	Feb 26, 2026

Stay Ahead of the Next One

Get instant alerts for gigabyte uefi-overclocksmihandler

Be the first to know when new high vulnerabilities affecting gigabyte uefi-overclocksmihandler are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

GIGABYTE / UEFI-OverClockSmiHandler

1.0.0

References

NVD ↗ CVE.org ↗ EPSS Data ↗

gigabyte.com: https://www.gigabyte.com/Support/Security binarly.io: https://www.binarly.io/advisories/brly-dva-2025-011 kb.cert.org: https://kb.cert.org/vuls/id/746790 kb.cert.org: https://www.kb.cert.org/vuls/id/746790