CVE-2019-5478 (GCVE-0-2019-5478)
Vulnerability from cvelistv5
Published
2019-09-03 19:17
Modified
2024-08-04 19:54
Severity ?
CWE
  • CWE-657 - Violation of Secure Design Principles ()
Summary
A weakness was found in Encrypt Only boot mode in Zynq UltraScale+ devices. This could lead to an adversary being able to modify the control fields of the boot image leading to an incorrect secure boot behavior.
References
Impacted products
Vendor Product Version
n/a Zynq UltraScale+ SoC Version: Not Fixed
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T19:54:53.489Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.xilinx.com/support/answers/72588.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/inversepath/advisories/blob/master/Security_Advisory-Ref_FSC-HWSEC-VR2019-0001-Xilinx_ZU+-Encrypt_Only_Secure_Boot_bypass.txt"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Zynq UltraScale+ SoC",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Not Fixed"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A weakness was found in Encrypt Only boot mode in Zynq UltraScale+ devices. This could lead to an adversary being able to modify the control fields of the boot image leading to an incorrect secure boot behavior."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-657",
              "description": "Violation of Secure Design Principles (CWE-657)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-09-03T19:17:35",
        "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
        "shortName": "hackerone"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.xilinx.com/support/answers/72588.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/inversepath/advisories/blob/master/Security_Advisory-Ref_FSC-HWSEC-VR2019-0001-Xilinx_ZU+-Encrypt_Only_Secure_Boot_bypass.txt"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "support@hackerone.com",
          "ID": "CVE-2019-5478",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Zynq UltraScale+ SoC",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Not Fixed"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A weakness was found in Encrypt Only boot mode in Zynq UltraScale+ devices. This could lead to an adversary being able to modify the control fields of the boot image leading to an incorrect secure boot behavior."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Violation of Secure Design Principles (CWE-657)"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.xilinx.com/support/answers/72588.html",
              "refsource": "MISC",
              "url": "https://www.xilinx.com/support/answers/72588.html"
            },
            {
              "name": "https://github.com/inversepath/advisories/blob/master/Security_Advisory-Ref_FSC-HWSEC-VR2019-0001-Xilinx_ZU+-Encrypt_Only_Secure_Boot_bypass.txt",
              "refsource": "MISC",
              "url": "https://github.com/inversepath/advisories/blob/master/Security_Advisory-Ref_FSC-HWSEC-VR2019-0001-Xilinx_ZU+-Encrypt_Only_Secure_Boot_bypass.txt"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
    "assignerShortName": "hackerone",
    "cveId": "CVE-2019-5478",
    "datePublished": "2019-09-03T19:17:35",
    "dateReserved": "2019-01-04T00:00:00",
    "dateUpdated": "2024-08-04T19:54:53.489Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2019-5478\",\"sourceIdentifier\":\"support@hackerone.com\",\"published\":\"2019-09-03T20:15:11.530\",\"lastModified\":\"2024-11-27T16:10:16.277\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A weakness was found in Encrypt Only boot mode in Zynq UltraScale+ devices. This could lead to an adversary being able to modify the control fields of the boot image leading to an incorrect secure boot behavior.\"},{\"lang\":\"es\",\"value\":\"Se ha descubierto una debilidad en el modo de inicio Encrypt Only en los dispositivos Zynq UltraScale +. Esto podr\u00eda llevar a que un adversario pueda modificar los campos de control de la imagen de arranque y provocar un comportamiento de arranque seguro incorrecto.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:N/I:P/A:N\",\"baseScore\":2.1,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"LOW\",\"exploitabilityScore\":3.9,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"support@hackerone.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-657\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-345\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:zu11eg_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4DDC63B5-D1E2-43F9-8BEA-6B09B2A0191C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:zu11eg:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CE5F3351-714B-4B2B-BE5B-C8FAF39800A7\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:zu15eg_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AAF70D3D-2CF9-4333-84A3-620D0BBAE7DC\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:zu15eg:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9045E0CA-4EF2-4486-906E-FF2A88915EA4\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:zu17eg_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"683269F1-9E88-40C4-8930-61FDB9DB3D47\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:zu17eg:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3517639C-014E-4420-B220-DA274105EB36\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:zu19eg_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"96A35D5B-FAB0-4BB1-AAB5-DE7F29159C7C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:zu19eg:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8FD519A4-6A95-4DE4-A60C-A045D4C18B39\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:zu1cg_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"04885D9A-71B9-4B3D-8415-067383EE1831\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:zu1cg:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A3644759-DF73-4B08-A41F-F3545544A834\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:zu1eg_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"20B15189-4527-48B7-8D99-2DB7E5DBA680\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:zu1eg:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D1F0F4E1-6614-4764-95C6-07021037C98E\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:zu21dr_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9C8F09F9-FA80-43EC-872F-3CE98054CAF9\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:zu21dr:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"13C07809-E70A-4A43-A0BA-B9BE011DF95D\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:zu25dr_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"846B882D-62A1-400A-9FBB-08B47909B0CF\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:zu25dr:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E6FF4C27-6BB6-49E9-9739-0ACE9BDCC9C5\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:zu27dr_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C213223B-3EB4-443A-B3BD-30C4DC6E8607\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:zu27dr:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F9EE10CC-D349-4E43-9418-49BEB0237AC8\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:zu28dr_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"81409877-57DA-4365-AFCF-38A1675F174C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:zu28dr:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"77F6F4A1-A50C-49D3-BF5C-A8F4EF0432EA\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:zu29dr_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CF9D1713-BE97-40E6-B8DD-D9662BF2976D\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:zu29dr:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4CDED669-6D4B-47BE-89B3-38762106CC15\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:zu2cg_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7F639D90-5A2B-464F-BCB3-B26957EA15E5\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:zu2cg:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8AA3F682-6DF1-46F5-BF27-4DBD5C49912E\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:zu2eg_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"54238599-76F1-484B-8CA6-4F711A6ED543\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:zu2eg:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BFAA3DD6-72A8-47EB-B4DA-623956136076\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:zu39dr_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1740BFCB-BDAF-4CBF-825F-B0C40D77CEDD\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:zu39dr:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C2C4AB9E-C10F-40E2-B7A7-6D98CA9C978D\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:zu3cg_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0C884D54-E62D-43DF-8472-95B51E344331\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:zu3cg:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"40A210AD-DFED-4DC0-B133-483967D67622\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:zu3eg_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3CF58073-334B-4E4F-AE17-BC4463CCA974\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:zu3eg:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"25305088-1DDF-4E60-B7CD-9990D4D3E1B1\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:zu3tcg_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E559403D-5AF7-4057-900B-1A02896812B2\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:zu3tcg:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A331B606-2D5D-4EFD-909C-1E497363C490\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:zu3teg_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B4147901-4AD6-4330-9784-52E6A712780A\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:zu3teg:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"501B3C64-A6A2-433A-B6F1-9B54A1CE5A3A\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:zu42dr_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F7CA74D5-7382-44D8-850E-9BAC8127F340\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:zu42dr:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7539C6D1-451C-4D18-A405-8D1C0C558DEE\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:zu43dr_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A1817727-9088-481E-85E2-BC79C97AFEFE\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:zu43dr:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"786D2CC5-115F-47D1-BF7A-912A53A4CC15\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:zu46dr_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B1E6B8D1-CB6A-4368-B105-A98E6C9A9CB4\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:zu46dr:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"77A4DA65-5444-415C-98ED-58B8AEE5C9BF\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:zu47dr_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F737FE2D-C3D9-4A2C-BA64-7204D386E5C5\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:zu47dr:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"16EE74BE-140C-4E7E-A863-9241D46F0B28\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:zu48dr_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FFDDAD7C-8198-4533-89CF-1DEFBBDD1C0C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:zu48dr:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2EB69401-F8BB-4769-B873-B8004480DD03\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:zu49dr_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0C1E3AE7-B854-42B8-9726-FF138DE7EA7C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:zu49dr:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7ABEFC67-EF4C-4B67-8ED8-9A2EB1D87410\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:zu4cg_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7045B2F5-6655-44CE-A9A9-3D8A6121C809\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:zu4cg:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E2905CDB-B546-4E21-A112-77C3C3163BFE\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:zu4eg_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"61E65A26-BC81-4C43-8E8B-E332A8E88FC8\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:zu4eg:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"90E53A37-6EF6-4C61-AD96-9E611677CE7F\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:zu4ev_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0BCA47C8-5C6A-4E7E-BEF5-92E84C65AD98\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:zu4ev:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E31CE2F3-EA33-4F3E-BFDD-0E29E97D8EB6\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:zu5cg_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FC856431-4D4E-491C-9A69-6B20AF9FC3AA\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:zu5cg:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EBEB8E8A-95D7-4E79-BC4D-4085C5E800F7\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:zu5eg_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1ED29E2A-9CE1-4598-B2E1-BDAA101F0F12\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:zu5eg:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EA09364E-BC82-49F6-AE09-2DBE2D332B2E\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:zu5ev_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2990227F-3C62-4D34-904A-88AFDC84DC0E\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:zu5ev:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B0E1453D-9BAF-49D7-9362-B4D8CB886612\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:zu63dr_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4CDF56F0-8701-4F80-A3F5-00FF1F238540\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:zu63dr:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DE17FB2B-C861-4980-A891-F9A15A5F7A42\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:zu64dr_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0DF6AF72-6DDE-4095-A83A-027BD15A17C0\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:zu64dr:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"83A35E38-9A97-41C7-8404-CC3F29514527\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:zu65dr_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4B5C5CD4-CE55-43D6-A509-A33AF164A61F\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:zu65dr:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8AEDD34F-8FD2-4D1A-82E9-171E227246D9\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:zu67dr_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5C4F7F7E-CA9B-4C2E-B582-BD23B9B66839\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:zu67dr:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6B8E9AA5-35C3-4AA2-9F44-D60EB39A4FB4\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:zu6cg_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"53FE2D68-59C0-48BA-AD68-210BEA8CD3B3\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:zu6cg:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"19B4BE70-7ECC-40D0-A770-6B414FF06A83\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:zu6eg_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4EF8E7DA-982A-488D-9BC9-4330663AF760\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:zu6eg:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8E63D5EA-563E-4C37-81A8-78517869BFA4\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:zu7cg_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"84664610-4100-474C-B5F8-DE412F85DCE2\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:zu7cg:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D3DE9030-505E-422C-99D9-0B9894802D90\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:zu7eg_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7333B217-9129-4C53-BBD8-69CBD71DCFA2\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:zu7eg:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FCCA05DE-0F83-4195-B95D-E855837EACCC\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:zu7ev_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CB6CB3F0-AC09-4F41-B12A-AC72506C14F9\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:zu7ev:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BEFEE64D-9614-4706-935B-046147D0DFC9\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:zu9cg_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"89BB34C6-E5B4-4936-A2BE-71B0B1C14A14\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:zu9cg:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"61BB42CE-A537-43E6-94D7-BED504BEA5B6\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:zu9eg_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"720E2239-6757-4026-8390-1B534FBEFE83\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:zu9eg:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"23D4D75A-2704-4752-BD6C-28F7CEEF41AD\"}]}]}],\"references\":[{\"url\":\"https://github.com/inversepath/advisories/blob/master/Security_Advisory-Ref_FSC-HWSEC-VR2019-0001-Xilinx_ZU+-Encrypt_Only_Secure_Boot_bypass.txt\",\"source\":\"support@hackerone.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.xilinx.com/support/answers/72588.html\",\"source\":\"support@hackerone.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://github.com/inversepath/advisories/blob/master/Security_Advisory-Ref_FSC-HWSEC-VR2019-0001-Xilinx_ZU+-Encrypt_Only_Secure_Boot_bypass.txt\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.xilinx.com/support/answers/72588.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.