What is CVE-2019-5478?

CVE-2019-5478 is a vulnerability in Zynq Ultrascale+ Soc, classified under CWE-657. Published 2019-09-03.

Is CVE-2019-5478 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Zynq Ultrascale+ Soc

CVE-2019-5478

A weakness was found in Encrypt Only boot mode in Zynq UltraScale+ devices. This could lead to an adversary being able to modify the control fields of the boot image leading to an incorrect secure boot behavior.

EPSS: 0.000 (7.3th percentile) — read the EPSS interpretation.

Affected products

N/a Zynq Ultrascale+ Soc — versions Not Fixed

Weakness classification (CWE)

CWE-657

Public proof-of-concept exploits

f-secure-foundry/advisories

References

www.xilinx.com/support/answers/72588.html (x_refsource_MISC)
github.com/inversepath/advisories/blob/master/Security_Advisory-Ref_FSC-HWSEC-V… (x_refsource_MISC)

Frequently asked questions

What is CVE-2019-5478?: CVE-2019-5478 is a vulnerability in Zynq Ultrascale+ Soc, classified under CWE-657. Published 2019-09-03.
Is CVE-2019-5478 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.