CVE-2019-5478

A weakness was found in Encrypt Only boot mode in Zynq UltraScale+ devices. This could lead to an adversary being able to modify the control fields of the boot image leading to an incorrect secure boot behavior.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:amd:zu11eg_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:zu11eg:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:amd:zu15eg_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:zu15eg:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:amd:zu17eg_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:zu17eg:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:amd:zu19eg_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:zu19eg:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:amd:zu1cg_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:zu1cg:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:amd:zu1eg_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:zu1eg:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:amd:zu21dr_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:zu21dr:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:amd:zu25dr_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:zu25dr:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:amd:zu27dr_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:zu27dr:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
cpe:2.3:o:amd:zu28dr_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:zu28dr:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND
cpe:2.3:o:amd:zu29dr_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:zu29dr:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND
cpe:2.3:o:amd:zu2cg_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:zu2cg:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND
cpe:2.3:o:amd:zu2eg_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:zu2eg:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND
cpe:2.3:o:amd:zu39dr_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:zu39dr:-:*:*:*:*:*:*:*

Configuration 15 (hide)

AND
cpe:2.3:o:amd:zu3cg_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:zu3cg:-:*:*:*:*:*:*:*

Configuration 16 (hide)

AND
cpe:2.3:o:amd:zu3eg_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:zu3eg:-:*:*:*:*:*:*:*

Configuration 17 (hide)

AND
cpe:2.3:o:amd:zu3tcg_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:zu3tcg:-:*:*:*:*:*:*:*

Configuration 18 (hide)

AND
cpe:2.3:o:amd:zu3teg_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:zu3teg:-:*:*:*:*:*:*:*

Configuration 19 (hide)

AND
cpe:2.3:o:amd:zu42dr_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:zu42dr:-:*:*:*:*:*:*:*

Configuration 20 (hide)

AND
cpe:2.3:o:amd:zu43dr_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:zu43dr:-:*:*:*:*:*:*:*

Configuration 21 (hide)

AND
cpe:2.3:o:amd:zu46dr_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:zu46dr:-:*:*:*:*:*:*:*

Configuration 22 (hide)

AND
cpe:2.3:o:amd:zu47dr_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:zu47dr:-:*:*:*:*:*:*:*

Configuration 23 (hide)

AND
cpe:2.3:o:amd:zu48dr_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:zu48dr:-:*:*:*:*:*:*:*

Configuration 24 (hide)

AND
cpe:2.3:o:amd:zu49dr_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:zu49dr:-:*:*:*:*:*:*:*

Configuration 25 (hide)

AND
cpe:2.3:o:amd:zu4cg_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:zu4cg:-:*:*:*:*:*:*:*

Configuration 26 (hide)

AND
cpe:2.3:o:amd:zu4eg_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:zu4eg:-:*:*:*:*:*:*:*

Configuration 27 (hide)

AND
cpe:2.3:o:amd:zu4ev_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:zu4ev:-:*:*:*:*:*:*:*

Configuration 28 (hide)

AND
cpe:2.3:o:amd:zu5cg_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:zu5cg:-:*:*:*:*:*:*:*

Configuration 29 (hide)

AND
cpe:2.3:o:amd:zu5eg_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:zu5eg:-:*:*:*:*:*:*:*

Configuration 30 (hide)

AND
cpe:2.3:o:amd:zu5ev_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:zu5ev:-:*:*:*:*:*:*:*

Configuration 31 (hide)

AND
cpe:2.3:o:amd:zu63dr_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:zu63dr:-:*:*:*:*:*:*:*

Configuration 32 (hide)

AND
cpe:2.3:o:amd:zu64dr_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:zu64dr:-:*:*:*:*:*:*:*

Configuration 33 (hide)

AND
cpe:2.3:o:amd:zu65dr_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:zu65dr:-:*:*:*:*:*:*:*

Configuration 34 (hide)

AND
cpe:2.3:o:amd:zu67dr_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:zu67dr:-:*:*:*:*:*:*:*

Configuration 35 (hide)

AND
cpe:2.3:o:amd:zu6cg_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:zu6cg:-:*:*:*:*:*:*:*

Configuration 36 (hide)

AND
cpe:2.3:o:amd:zu6eg_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:zu6eg:-:*:*:*:*:*:*:*

Configuration 37 (hide)

AND
cpe:2.3:o:amd:zu7cg_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:zu7cg:-:*:*:*:*:*:*:*

Configuration 38 (hide)

AND
cpe:2.3:o:amd:zu7eg_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:zu7eg:-:*:*:*:*:*:*:*

Configuration 39 (hide)

AND
cpe:2.3:o:amd:zu7ev_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:zu7ev:-:*:*:*:*:*:*:*

Configuration 40 (hide)

AND
cpe:2.3:o:amd:zu9cg_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:zu9cg:-:*:*:*:*:*:*:*

Configuration 41 (hide)

AND
cpe:2.3:o:amd:zu9eg_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:zu9eg:-:*:*:*:*:*:*:*

History

27 Nov 2024, 16:10

Type Values Removed Values Added
First Time Amd zu4eg
Amd zu29dr Firmware
Amd zu7ev
Amd zu9eg
Amd zu6eg
Amd zu28dr
Amd zu2eg Firmware
Amd zu9eg Firmware
Amd zu48dr
Amd zu6eg Firmware
Amd zu48dr Firmware
Amd zu3cg Firmware
Amd zu2cg
Amd zu1cg Firmware
Amd zu7cg
Amd zu4ev
Amd zu4cg
Amd zu19eg Firmware
Amd zu5ev Firmware
Amd zu43dr Firmware
Amd
Amd zu6cg Firmware
Amd zu43dr
Amd zu2eg
Amd zu11eg
Amd zu9cg
Amd zu1eg
Amd zu21dr Firmware
Amd zu19eg
Amd zu3teg
Amd zu63dr
Amd zu15eg
Amd zu49dr Firmware
Amd zu25dr
Amd zu9cg Firmware
Amd zu49dr
Amd zu67dr
Amd zu3teg Firmware
Amd zu7eg
Amd zu46dr
Amd zu4ev Firmware
Amd zu67dr Firmware
Amd zu7eg Firmware
Amd zu47dr
Amd zu3tcg
Amd zu28dr Firmware
Amd zu65dr Firmware
Amd zu25dr Firmware
Amd zu46dr Firmware
Amd zu42dr Firmware
Amd zu3eg
Amd zu21dr
Amd zu39dr Firmware
Amd zu64dr Firmware
Amd zu1cg
Amd zu42dr
Amd zu7cg Firmware
Amd zu5ev
Amd zu11eg Firmware
Amd zu2cg Firmware
Amd zu64dr
Amd zu7ev Firmware
Amd zu27dr
Amd zu3cg
Amd zu4cg Firmware
Amd zu15eg Firmware
Amd zu5cg Firmware
Amd zu5cg
Amd zu27dr Firmware
Amd zu17eg
Amd zu5eg Firmware
Amd zu3eg Firmware
Amd zu63dr Firmware
Amd zu1eg Firmware
Amd zu6cg
Amd zu3tcg Firmware
Amd zu17eg Firmware
Amd zu4eg Firmware
Amd zu47dr Firmware
Amd zu5eg
Amd zu65dr
Amd zu39dr
Amd zu29dr
CPE cpe:2.3:h:xilinx:zynq_ultrascale\+_rfsoc:-:*:*:*:*:*:*:*
cpe:2.3:o:xilinx:zynq_ultrascale\+_rfsoc_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:xilinx:zynq_ultrascale\+_mpsoc:-:*:*:*:*:*:*:*
cpe:2.3:o:xilinx:zynq_ultrascale\+_mpsoc_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:zu19eg:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:zu47dr:-:*:*:*:*:*:*:*
cpe:2.3:o:amd:zu9eg_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:zu21dr:-:*:*:*:*:*:*:*
cpe:2.3:o:amd:zu1cg_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:amd:zu47dr_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:zu9eg:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:zu4ev:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:zu3cg:-:*:*:*:*:*:*:*
cpe:2.3:o:amd:zu49dr_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:zu48dr:-:*:*:*:*:*:*:*
cpe:2.3:o:amd:zu7eg_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:amd:zu42dr_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:zu43dr:-:*:*:*:*:*:*:*
cpe:2.3:o:amd:zu6cg_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:amd:zu3cg_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:zu15eg:-:*:*:*:*:*:*:*
cpe:2.3:o:amd:zu21dr_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:amd:zu1eg_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:amd:zu5ev_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:amd:zu3tcg_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:amd:zu5cg_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:zu3tcg:-:*:*:*:*:*:*:*
cpe:2.3:o:amd:zu7cg_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:amd:zu46dr_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:zu3eg:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:zu1cg:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:zu39dr:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:zu28dr:-:*:*:*:*:*:*:*
cpe:2.3:o:amd:zu63dr_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:amd:zu67dr_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:zu49dr:-:*:*:*:*:*:*:*
cpe:2.3:o:amd:zu65dr_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:zu42dr:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:zu7ev:-:*:*:*:*:*:*:*
cpe:2.3:o:amd:zu19eg_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:zu27dr:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:zu67dr:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:zu11eg:-:*:*:*:*:*:*:*
cpe:2.3:o:amd:zu5eg_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:zu6eg:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:zu2eg:-:*:*:*:*:*:*:*
cpe:2.3:o:amd:zu3teg_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:amd:zu48dr_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:zu5ev:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:zu64dr:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:zu6cg:-:*:*:*:*:*:*:*
cpe:2.3:o:amd:zu4ev_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:zu29dr:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:zu65dr:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:zu1eg:-:*:*:*:*:*:*:*
cpe:2.3:o:amd:zu29dr_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:amd:zu17eg_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:amd:zu4cg_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:zu2cg:-:*:*:*:*:*:*:*
cpe:2.3:o:amd:zu6eg_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:zu17eg:-:*:*:*:*:*:*:*
cpe:2.3:o:amd:zu2cg_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:zu5cg:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:zu7eg:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:zu4eg:-:*:*:*:*:*:*:*
cpe:2.3:o:amd:zu11eg_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:zu46dr:-:*:*:*:*:*:*:*
cpe:2.3:o:amd:zu28dr_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:amd:zu25dr_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:amd:zu64dr_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:amd:zu2eg_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:amd:zu7ev_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:amd:zu4eg_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:amd:zu43dr_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:amd:zu3eg_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:zu25dr:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:zu63dr:-:*:*:*:*:*:*:*
cpe:2.3:o:amd:zu27dr_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:zu3teg:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:zu9cg:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:zu4cg:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:zu7cg:-:*:*:*:*:*:*:*
cpe:2.3:o:amd:zu15eg_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:zu5eg:-:*:*:*:*:*:*:*
cpe:2.3:o:amd:zu39dr_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:amd:zu9cg_firmware:-:*:*:*:*:*:*:*

21 Nov 2024, 04:45

Type Values Removed Values Added
References () https://github.com/inversepath/advisories/blob/master/Security_Advisory-Ref_FSC-HWSEC-VR2019-0001-Xilinx_ZU+-Encrypt_Only_Secure_Boot_bypass.txt - Third Party Advisory () https://github.com/inversepath/advisories/blob/master/Security_Advisory-Ref_FSC-HWSEC-VR2019-0001-Xilinx_ZU+-Encrypt_Only_Secure_Boot_bypass.txt - Third Party Advisory
References () https://www.xilinx.com/support/answers/72588.html - Vendor Advisory () https://www.xilinx.com/support/answers/72588.html - Vendor Advisory

Information

Published : 2019-09-03 20:15

Updated : 2024-11-27 16:10


NVD link : CVE-2019-5478

Mitre link : CVE-2019-5478

CVE.ORG link : CVE-2019-5478


JSON object : View

Products Affected

amd

  • zu28dr
  • zu42dr
  • zu65dr
  • zu3cg_firmware
  • zu46dr
  • zu11eg
  • zu1cg_firmware
  • zu29dr
  • zu48dr_firmware
  • zu63dr
  • zu5ev_firmware
  • zu9eg
  • zu3eg
  • zu7cg_firmware
  • zu11eg_firmware
  • zu1eg_firmware
  • zu6cg
  • zu2cg
  • zu42dr_firmware
  • zu4eg
  • zu5eg
  • zu15eg
  • zu4ev_firmware
  • zu4cg_firmware
  • zu67dr_firmware
  • zu7cg
  • zu9cg_firmware
  • zu28dr_firmware
  • zu27dr
  • zu46dr_firmware
  • zu19eg
  • zu64dr
  • zu21dr_firmware
  • zu5ev
  • zu29dr_firmware
  • zu3tcg
  • zu2eg_firmware
  • zu25dr_firmware
  • zu19eg_firmware
  • zu21dr
  • zu67dr
  • zu5eg_firmware
  • zu4cg
  • zu9cg
  • zu43dr
  • zu3teg_firmware
  • zu17eg
  • zu64dr_firmware
  • zu6eg_firmware
  • zu3cg
  • zu47dr_firmware
  • zu7eg_firmware
  • zu1eg
  • zu4ev
  • zu39dr_firmware
  • zu25dr
  • zu49dr_firmware
  • zu4eg_firmware
  • zu2cg_firmware
  • zu17eg_firmware
  • zu15eg_firmware
  • zu7ev_firmware
  • zu48dr
  • zu3eg_firmware
  • zu2eg
  • zu63dr_firmware
  • zu47dr
  • zu7eg
  • zu43dr_firmware
  • zu49dr
  • zu9eg_firmware
  • zu39dr
  • zu5cg_firmware
  • zu3tcg_firmware
  • zu6eg
  • zu5cg
  • zu27dr_firmware
  • zu6cg_firmware
  • zu65dr_firmware
  • zu7ev
  • zu3teg
  • zu1cg
CWE
CWE-657

Violation of Secure Design Principles

CWE-345

Insufficient Verification of Data Authenticity