Vulnerability Details CVE-2019-5478
A weakness was found in Encrypt Only boot mode in Zynq UltraScale+ devices. This could lead to an adversary being able to modify the control fields of the boot image leading to an incorrect secure boot behavior.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 5.1%
CVSS Severity
CVSS v3 Score 5.5
CVSS v2 Score 2.1
References
- https://github.com/inversepath/advisories/blob/master/Security_Advisory-Ref_FSC-HWSEC-VR2019-0001-Xilinx_ZU+-Encrypt_Only_Secure_Boot_bypass.txt
- https://www.xilinx.com/support/answers/72588.html
- https://github.com/inversepath/advisories/blob/master/Security_Advisory-Ref_FSC-HWSEC-VR2019-0001-Xilinx_ZU+-Encrypt_Only_Secure_Boot_bypass.txt
- https://www.xilinx.com/support/answers/72588.html
Products affected by CVE-2019-5478
-
cpe:2.3:h:amd:zu11eg:-
-
cpe:2.3:h:amd:zu15eg:-
-
cpe:2.3:h:amd:zu17eg:-
-
cpe:2.3:h:amd:zu19eg:-
-
cpe:2.3:h:amd:zu1cg:-
-
cpe:2.3:h:amd:zu1eg:-
-
cpe:2.3:h:amd:zu21dr:-
-
cpe:2.3:h:amd:zu25dr:-
-
cpe:2.3:h:amd:zu27dr:-
-
cpe:2.3:h:amd:zu28dr:-
-
cpe:2.3:h:amd:zu29dr:-
-
cpe:2.3:h:amd:zu2cg:-
-
cpe:2.3:h:amd:zu2eg:-
-
cpe:2.3:h:amd:zu39dr:-
-
cpe:2.3:h:amd:zu3cg:-
-
cpe:2.3:h:amd:zu3eg:-
-
cpe:2.3:h:amd:zu3tcg:-
-
cpe:2.3:h:amd:zu3teg:-
-
cpe:2.3:h:amd:zu42dr:-
-
cpe:2.3:h:amd:zu43dr:-
-
cpe:2.3:h:amd:zu46dr:-
-
cpe:2.3:h:amd:zu47dr:-
-
cpe:2.3:h:amd:zu48dr:-
-
cpe:2.3:h:amd:zu49dr:-
-
cpe:2.3:h:amd:zu4cg:-
-
cpe:2.3:h:amd:zu4eg:-
-
cpe:2.3:h:amd:zu4ev:-
-
cpe:2.3:h:amd:zu5cg:-
-
cpe:2.3:h:amd:zu5eg:-
-
cpe:2.3:h:amd:zu5ev:-
-
cpe:2.3:h:amd:zu63dr:-
-
cpe:2.3:h:amd:zu64dr:-
-
cpe:2.3:h:amd:zu65dr:-
-
cpe:2.3:h:amd:zu67dr:-
-
cpe:2.3:h:amd:zu6cg:-
-
cpe:2.3:h:amd:zu6eg:-
-
cpe:2.3:h:amd:zu7cg:-
-
cpe:2.3:h:amd:zu7eg:-
-
cpe:2.3:h:amd:zu7ev:-
-
cpe:2.3:h:amd:zu9cg:-
-
cpe:2.3:h:amd:zu9eg:-
-
cpe:2.3:o:amd:zu11eg_firmware:-
-
cpe:2.3:o:amd:zu15eg_firmware:-
-
cpe:2.3:o:amd:zu17eg_firmware:-
-
cpe:2.3:o:amd:zu19eg_firmware:-
-
cpe:2.3:o:amd:zu1cg_firmware:-
-
cpe:2.3:o:amd:zu1eg_firmware:-
-
cpe:2.3:o:amd:zu21dr_firmware:-
-
cpe:2.3:o:amd:zu25dr_firmware:-
-
cpe:2.3:o:amd:zu27dr_firmware:-
-
cpe:2.3:o:amd:zu28dr_firmware:-
-
cpe:2.3:o:amd:zu29dr_firmware:-
-
cpe:2.3:o:amd:zu2cg_firmware:-
-
cpe:2.3:o:amd:zu2eg_firmware:-
-
cpe:2.3:o:amd:zu39dr_firmware:-
-
cpe:2.3:o:amd:zu3cg_firmware:-
-
cpe:2.3:o:amd:zu3eg_firmware:-
-
cpe:2.3:o:amd:zu3tcg_firmware:-
-
cpe:2.3:o:amd:zu3teg_firmware:-
-
cpe:2.3:o:amd:zu42dr_firmware:-
-
cpe:2.3:o:amd:zu43dr_firmware:-
-
cpe:2.3:o:amd:zu46dr_firmware:-
-
cpe:2.3:o:amd:zu47dr_firmware:-
-
cpe:2.3:o:amd:zu48dr_firmware:-
-
cpe:2.3:o:amd:zu49dr_firmware:-
-
cpe:2.3:o:amd:zu4cg_firmware:-
-
cpe:2.3:o:amd:zu4eg_firmware:-
-
cpe:2.3:o:amd:zu4ev_firmware:-
-
cpe:2.3:o:amd:zu5cg_firmware:-
-
cpe:2.3:o:amd:zu5eg_firmware:-
-
cpe:2.3:o:amd:zu5ev_firmware:-
-
cpe:2.3:o:amd:zu63dr_firmware:-
-
cpe:2.3:o:amd:zu64dr_firmware:-
-
cpe:2.3:o:amd:zu65dr_firmware:-
-
cpe:2.3:o:amd:zu67dr_firmware:-
-
cpe:2.3:o:amd:zu6cg_firmware:-
-
cpe:2.3:o:amd:zu6eg_firmware:-
-
cpe:2.3:o:amd:zu7cg_firmware:-
-
cpe:2.3:o:amd:zu7eg_firmware:-
-
cpe:2.3:o:amd:zu7ev_firmware:-
-
cpe:2.3:o:amd:zu9cg_firmware:-
-
cpe:2.3:o:amd:zu9eg_firmware:-