CVE-2019-5478 - OpenCVE

A weakness was found in Encrypt Only boot mode in Zynq UltraScale+ devices. This could lead to an adversary being able to modify the control fields of the boot image leading to an incorrect secure boot behavior.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

AV:L/AC:L/Au:N/C:N/I:P/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Xilinx	Zynq Ultrascale\+ Mpsoc Zynq Ultrascale\+ Mpsoc Firmware Zynq Ultrascale\+ Rfsoc Zynq Ultrascale\+ Rfsoc Firmware

Configuration 1 [-]

AND

cpe:2.3:o:xilinx:zynq_ultrascale\+_mpsoc_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:xilinx:zynq_ultrascale\+_mpsoc:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:xilinx:zynq_ultrascale\+_rfsoc_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:xilinx:zynq_ultrascale\+_rfsoc:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://github.com/inversepath/advisories/blob/master/Security_Advisory-Ref_FSC-HWSEC-VR2019-0001-Xilinx_ZU+-Encrypt_Only_Secure_Boot_bypass.txt
https://www.xilinx.com/support/answers/72588.html

History

No history.

MITRE

Status: PUBLISHED

Assigner: hackerone

Published: 2019-09-03T19:17:35

Updated: 2024-08-04T19:54:53.489Z

Reserved: 2019-01-04T00:00:00

Link: CVE-2019-5478

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2019-09-03T20:15:11.530

Modified: 2020-10-16T14:11:49.883

Link: CVE-2019-5478

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "Zynq UltraScale+ SoC", "vendor": "n/a", "versions": [{"status": "affected", "version": "Not Fixed"}]}], "descriptions": [{"lang": "en", "value": "A weakness was found in Encrypt Only boot mode in Zynq UltraScale+ devices. This could lead to an adversary being able to modify the control fields of the boot image leading to an incorrect secure boot behavior."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-657", "description": "Violation of Secure Design Principles (CWE-657)", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2019-09-03T19:17:35", "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "shortName": "hackerone"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://www.xilinx.com/support/answers/72588.html"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/inversepath/advisories/blob/master/Security_Advisory-Ref_FSC-HWSEC-VR2019-0001-Xilinx_ZU+-Encrypt_Only_Secure_Boot_bypass.txt"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "support@hackerone.com", "ID": "CVE-2019-5478", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Zynq UltraScale+ SoC", "version": {"version_data": [{"version_value": "Not Fixed"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A weakness was found in Encrypt Only boot mode in Zynq UltraScale+ devices. This could lead to an adversary being able to modify the control fields of the boot image leading to an incorrect secure boot behavior."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Violation of Secure Design Principles (CWE-657)"}]}]}, "references": {"reference_data": [{"name": "https://www.xilinx.com/support/answers/72588.html", "refsource": "MISC", "url": "https://www.xilinx.com/support/answers/72588.html"}, {"name": "https://github.com/inversepath/advisories/blob/master/Security_Advisory-Ref_FSC-HWSEC-VR2019-0001-Xilinx_ZU+-Encrypt_Only_Secure_Boot_bypass.txt", "refsource": "MISC", "url": "https://github.com/inversepath/advisories/blob/master/Security_Advisory-Ref_FSC-HWSEC-VR2019-0001-Xilinx_ZU+-Encrypt_Only_Secure_Boot_bypass.txt"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T19:54:53.489Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.xilinx.com/support/answers/72588.html"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/inversepath/advisories/blob/master/Security_Advisory-Ref_FSC-HWSEC-VR2019-0001-Xilinx_ZU+-Encrypt_Only_Secure_Boot_bypass.txt"}]}]}, "cveMetadata": {"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "assignerShortName": "hackerone", "cveId": "CVE-2019-5478", "datePublished": "2019-09-03T19:17:35", "dateReserved": "2019-01-04T00:00:00", "dateUpdated": "2024-08-04T19:54:53.489Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:xilinx:zynq_ultrascale\\+_mpsoc_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "B455C493-5E77-4F53-946E-16C8B46185D9", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:xilinx:zynq_ultrascale\\+_mpsoc:-:*:*:*:*:*:*:*", "matchCriteriaId": "664ACA6D-1BC9-4D43-BCC4-5F04B0A694DD", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:xilinx:zynq_ultrascale\\+_rfsoc_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "0F5654E9-9DB7-45B3-81DA-CD1578093572", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:xilinx:zynq_ultrascale\\+_rfsoc:-:*:*:*:*:*:*:*", "matchCriteriaId": "0D30D555-C736-4CCB-8084-686771506E95", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A weakness was found in Encrypt Only boot mode in Zynq UltraScale+ devices. This could lead to an adversary being able to modify the control fields of the boot image leading to an incorrect secure boot behavior."}, {"lang": "es", "value": "Se ha descubierto una debilidad en el modo de inicio Encrypt Only en los dispositivos Zynq UltraScale +. Esto podr\u00eda llevar a que un adversario pueda modificar los campos de control de la imagen de arranque y provocar un comportamiento de arranque seguro incorrecto."}], "id": "CVE-2019-5478", "lastModified": "2020-10-16T14:11:49.883", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2019-09-03T20:15:11.530", "references": [{"source": "support@hackerone.com", "tags": ["Third Party Advisory"], "url": "https://github.com/inversepath/advisories/blob/master/Security_Advisory-Ref_FSC-HWSEC-VR2019-0001-Xilinx_ZU+-Encrypt_Only_Secure_Boot_bypass.txt"}, {"source": "support@hackerone.com", "tags": ["Vendor Advisory"], "url": "https://www.xilinx.com/support/answers/72588.html"}], "sourceIdentifier": "support@hackerone.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-345"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-657"}], "source": "support@hackerone.com", "type": "Secondary"}]}