Local Attacker Could Load Arbitrary Bitstreams
CVE-2023-20570
Currently unrated 🤨
Key Information
- Vendor
- AMD
- Status
- Alveo™ Card (UltraScale™and UltraScale+™ based)
- Kintex™ UltraScale™ FPGA
- Virtex™ UltraScale™ FPGA
- Kintex™UltraScale+™ FPGA
- Vendor
- CVE Published:
- 13 February 2024
Summary
Insufficient verification of data authenticity in the configuration state machine may allow a local attacker to potentially load arbitrary bitstreams.
Affected Version(s)
Alveo™ Card (UltraScale™and UltraScale+™ based) = all
Kintex™ UltraScale™ FPGA = all
Virtex™ UltraScale™ FPGA = all
Timeline
Vulnerability published.
Vulnerability Reserved.
Collectors
NVD DatabaseMitre Database