PT-2026-41468 · U-Boot · U-Boot
CVE-2026-46728
·
Published
2026-05-16
·
Updated
2026-07-12
CVSS v3.1
8.8
High
| Vector | AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Das U-Boot versions prior to 2026.04
Description
Das U-Boot allows a Flat Image Tree (FIT) signature verification bypass. This occurs because hashed-nodes are omitted from a hash, which can lead to the acceptance of unsigned or modified images.
Recommendations
Update to version 2026.04.
Exploit
Fix
Origin Validation Error
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
U-Boot