Unpatchable security flaw found in popular SoC boards

Security researchers have discovered an unpatchable security flaw in a popular brand of system-on-chip (SoC) boardsmanufactured by Xilinx.

The vulnerable component is Xilinx’s Zynq UltraScale+ brand, which includes system-on-chip (SoC), multi-processor system-on-chip (MPSoC), and radio frequency system-on-chip (RFSoC) products used inside automotive, aviation, consumer electronics, industrial, and military components.

According to security researchers with Inverse Path — F-Secure’s hardware security team — these SoCs contain security flaws that undermine their secure boot capabilities.

F-Secure said that the Encrypt Only secure boot mode of these SoCs contains two security flaws, one of which is unpatchable by a software update, and requires “a new silicon revision” from the vendor.

Read more…
Source: ZDNet