Xilinx Security Vulnerabilities
OpenSSL 0.9.8i on the Gaisler Research LEON3 SoC on the Xilinx Virtex-II Pro FPGA uses a Fixed Width Exponentiation (FWE) algorithm for certain signature calculations, and does not verify the signature before providing it to a caller, which makes it easier for physically proximate attackers to...
9.1AI Score
0.001EPSS
In this physical attack, an attacker may potentially exploit the Zynq-7000 SoC First Stage Boot Loader (FSBL) by bypassing authentication and loading a malicious image onto the device. This in turn may further allow the attacker to perform additional attacks such as such as using the device as a...
6.8CVSS
6.4AI Score
0.001EPSS
When booting a Zync-7000 SOC device from nand flash memory, the nand driver in the ROM does not validate the inputs when reading in any parameters in the nandβs parameter page. IF a field read in from the parameter page is too large, this causes a buffer overflow that could lead to arbitrary code.....
6.8CVSS
7.1AI Score
0.002EPSS
A weakness was found in Encrypt Only boot mode in Zynq UltraScale+ devices. This could lead to an adversary being able to modify the control fields of the boot image leading to an incorrect secure boot...
5.5CVSS
5.4AI Score
0.0004EPSS