Skip to main content

Zynq 7000 Firmware

2 CVEs product

Monthly

CVE-2022-23822 MEDIUM This Month

In this physical attack, an attacker may potentially exploit the Zynq-7000 SoC First Stage Boot Loader (FSBL) by bypassing authentication and loading a malicious image onto the device. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Zynq 7000S Firmware Zynq 7000 Firmware
NVD GitHub
CVSS 3.1
6.8
EPSS
0.2%
CVE-2021-27208 MEDIUM This Month

When booting a Zync-7000 SOC device from nand flash memory, the nand driver in the ROM does not validate the inputs when reading in any parameters in the nand’s parameter page. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Zynq 7000S Firmware Zynq 7000 Firmware
NVD
CVSS 3.1
6.8
EPSS
0.4%
EPSS 0% CVSS 6.8
MEDIUM This Month

In this physical attack, an attacker may potentially exploit the Zynq-7000 SoC First Stage Boot Loader (FSBL) by bypassing authentication and loading a malicious image onto the device. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Zynq 7000S Firmware +1
NVD GitHub
EPSS 0% CVSS 6.8
MEDIUM This Month

When booting a Zync-7000 SOC device from nand flash memory, the nand driver in the ROM does not validate the inputs when reading in any parameters in the nand’s parameter page. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Zynq 7000S Firmware +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy