Search criteria
30 vulnerabilities found for nshield_5c_firmware by entrust
FKIE_CVE-2025-59703
Vulnerability from fkie_nvd - Published: 2025-12-02 16:15 - Updated: 2025-12-08 19:39
Severity ?
Summary
Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a Physically Proximate Attacker to access the internal components of the appliance, without leaving tamper evidence. To exploit this, the attacker needs to remove the tamper label and all fixing screws from the device without damaging it. This is called an F14 attack.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | https://github.com/google/security-research/security/advisories/GHSA-6q4x-m86j-gfwj | Exploit, Third Party Advisory | |
| cve@mitre.org | https://www.entrust.com/use-case/why-use-an-hsm | Product |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:entrust:nshield_5c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CFB3D135-8EAC-4053-BB94-18D5BBB24AE7",
"versionEndExcluding": "13.6.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:entrust:nshield_5c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ED259AB7-BFED-4B97-B455-E1D34730CFFF",
"versionEndExcluding": "13.9.0",
"versionStartIncluding": "13.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:entrust:nshield_5c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2BB0F3F8-F5DE-41CB-B804-BBFB78C6ADEB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:entrust:nshield_hsmi_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ED3AEBBD-7F75-47F1-8EEA-342BAC9D265E",
"versionEndExcluding": "13.6.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:entrust:nshield_hsmi_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D7125CC3-3B27-4C90-97DE-51D226FBDC00",
"versionEndExcluding": "13.9.0",
"versionStartIncluding": "13.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:entrust:nshield_hsmi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F7665EE9-9F7F-456F-B172-ED188DD3BAD4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:entrust:nshield_connect_xc_base_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F73858FD-5FE6-4AFA-84F2-E19743E9D900",
"versionEndExcluding": "13.6.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:entrust:nshield_connect_xc_base_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "01CDF5EE-9059-478A-BFE5-D7ADEF9625C4",
"versionEndExcluding": "13.9.0",
"versionStartIncluding": "13.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:entrust:nshield_connect_xc_base:-:*:*:*:*:*:*:*",
"matchCriteriaId": "18FCA0E9-EEA9-40EC-9E0F-942F049D2354",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:entrust:nshield_connect_xc_mid_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5A54F973-25D8-468D-B6A4-240A95D94A0B",
"versionEndExcluding": "13.6.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:entrust:nshield_connect_xc_mid_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0E43D1A7-9CB7-479D-89A9-D5041BB212A4",
"versionEndExcluding": "13.9.0",
"versionStartIncluding": "13.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:entrust:nshield_connect_xc_mid:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB0ACAD9-BBCE-43CC-BD84-2023885725EE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:entrust:nshield_connect_xc_high_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CBC11D8B-D72E-4CE9-AE61-AEA85F122F22",
"versionEndExcluding": "13.6.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:entrust:nshield_connect_xc_high_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1D7048C8-EB43-4F23-8946-456EF6F3A1B7",
"versionEndExcluding": "13.9.0",
"versionStartIncluding": "13.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:entrust:nshield_connect_xc_high:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3F0EDB1F-932B-4EC5-9D09-03CAD98BC2FA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a Physically Proximate Attacker to access the internal components of the appliance, without leaving tamper evidence. To exploit this, the attacker needs to remove the tamper label and all fixing screws from the device without damaging it. This is called an F14 attack."
}
],
"id": "CVE-2025-59703",
"lastModified": "2025-12-08T19:39:02.430",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2025-12-02T16:15:55.317",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/google/security-research/security/advisories/GHSA-6q4x-m86j-gfwj"
},
{
"source": "cve@mitre.org",
"tags": [
"Product"
],
"url": "https://www.entrust.com/use-case/why-use-an-hsm"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-284"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
FKIE_CVE-2025-59704
Vulnerability from fkie_nvd - Published: 2025-12-02 16:15 - Updated: 2025-12-08 19:38
Severity ?
Summary
Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow an attacker to gain access the the BIOS menu because is has no password.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | https://github.com/google/security-research/security/advisories/GHSA-6q4x-m86j-gfwj | Exploit, Third Party Advisory | |
| cve@mitre.org | https://www.entrust.com/use-case/why-use-an-hsm | Product |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:entrust:nshield_5c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CFB3D135-8EAC-4053-BB94-18D5BBB24AE7",
"versionEndExcluding": "13.6.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:entrust:nshield_5c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ED259AB7-BFED-4B97-B455-E1D34730CFFF",
"versionEndExcluding": "13.9.0",
"versionStartIncluding": "13.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:entrust:nshield_5c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2BB0F3F8-F5DE-41CB-B804-BBFB78C6ADEB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:entrust:nshield_hsmi_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ED3AEBBD-7F75-47F1-8EEA-342BAC9D265E",
"versionEndExcluding": "13.6.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:entrust:nshield_hsmi_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D7125CC3-3B27-4C90-97DE-51D226FBDC00",
"versionEndExcluding": "13.9.0",
"versionStartIncluding": "13.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:entrust:nshield_hsmi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F7665EE9-9F7F-456F-B172-ED188DD3BAD4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:entrust:nshield_connect_xc_base_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F73858FD-5FE6-4AFA-84F2-E19743E9D900",
"versionEndExcluding": "13.6.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:entrust:nshield_connect_xc_base_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "01CDF5EE-9059-478A-BFE5-D7ADEF9625C4",
"versionEndExcluding": "13.9.0",
"versionStartIncluding": "13.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:entrust:nshield_connect_xc_base:-:*:*:*:*:*:*:*",
"matchCriteriaId": "18FCA0E9-EEA9-40EC-9E0F-942F049D2354",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:entrust:nshield_connect_xc_mid_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5A54F973-25D8-468D-B6A4-240A95D94A0B",
"versionEndExcluding": "13.6.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:entrust:nshield_connect_xc_mid_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0E43D1A7-9CB7-479D-89A9-D5041BB212A4",
"versionEndExcluding": "13.9.0",
"versionStartIncluding": "13.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:entrust:nshield_connect_xc_mid:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB0ACAD9-BBCE-43CC-BD84-2023885725EE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:entrust:nshield_connect_xc_high_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CBC11D8B-D72E-4CE9-AE61-AEA85F122F22",
"versionEndExcluding": "13.6.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:entrust:nshield_connect_xc_high_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1D7048C8-EB43-4F23-8946-456EF6F3A1B7",
"versionEndExcluding": "13.9.0",
"versionStartIncluding": "13.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:entrust:nshield_connect_xc_high:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3F0EDB1F-932B-4EC5-9D09-03CAD98BC2FA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow an attacker to gain access the the BIOS menu because is has no password."
}
],
"id": "CVE-2025-59704",
"lastModified": "2025-12-08T19:38:42.513",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "NONE",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2025-12-02T16:15:55.470",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/google/security-research/security/advisories/GHSA-6q4x-m86j-gfwj"
},
{
"source": "cve@mitre.org",
"tags": [
"Product"
],
"url": "https://www.entrust.com/use-case/why-use-an-hsm"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2025-59705
Vulnerability from fkie_nvd - Published: 2025-12-02 15:15 - Updated: 2025-12-08 19:39
Severity ?
Summary
Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a Physically Proximate Attacker to Escalate Privileges by enabling the USB interface through chassis probe insertion during system boot, aka "Unauthorized Reactivation of the USB interface" or F01.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | https://github.com/google/security-research/security/advisories/GHSA-6q4x-m86j-gfwj | Exploit, Third Party Advisory | |
| cve@mitre.org | https://www.entrust.com/use-case/why-use-an-hsm | Product |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:entrust:nshield_5c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CFB3D135-8EAC-4053-BB94-18D5BBB24AE7",
"versionEndExcluding": "13.6.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:entrust:nshield_5c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ED259AB7-BFED-4B97-B455-E1D34730CFFF",
"versionEndExcluding": "13.9.0",
"versionStartIncluding": "13.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:entrust:nshield_5c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2BB0F3F8-F5DE-41CB-B804-BBFB78C6ADEB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:entrust:nshield_hsmi_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ED3AEBBD-7F75-47F1-8EEA-342BAC9D265E",
"versionEndExcluding": "13.6.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:entrust:nshield_hsmi_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D7125CC3-3B27-4C90-97DE-51D226FBDC00",
"versionEndExcluding": "13.9.0",
"versionStartIncluding": "13.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:entrust:nshield_hsmi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F7665EE9-9F7F-456F-B172-ED188DD3BAD4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:entrust:nshield_connect_xc_base_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F73858FD-5FE6-4AFA-84F2-E19743E9D900",
"versionEndExcluding": "13.6.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:entrust:nshield_connect_xc_base_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "01CDF5EE-9059-478A-BFE5-D7ADEF9625C4",
"versionEndExcluding": "13.9.0",
"versionStartIncluding": "13.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:entrust:nshield_connect_xc_base:-:*:*:*:*:*:*:*",
"matchCriteriaId": "18FCA0E9-EEA9-40EC-9E0F-942F049D2354",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:entrust:nshield_connect_xc_mid_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5A54F973-25D8-468D-B6A4-240A95D94A0B",
"versionEndExcluding": "13.6.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:entrust:nshield_connect_xc_mid_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0E43D1A7-9CB7-479D-89A9-D5041BB212A4",
"versionEndExcluding": "13.9.0",
"versionStartIncluding": "13.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:entrust:nshield_connect_xc_mid:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB0ACAD9-BBCE-43CC-BD84-2023885725EE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:entrust:nshield_connect_xc_high_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CBC11D8B-D72E-4CE9-AE61-AEA85F122F22",
"versionEndExcluding": "13.6.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:entrust:nshield_connect_xc_high_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1D7048C8-EB43-4F23-8946-456EF6F3A1B7",
"versionEndExcluding": "13.9.0",
"versionStartIncluding": "13.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:entrust:nshield_connect_xc_high:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3F0EDB1F-932B-4EC5-9D09-03CAD98BC2FA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a Physically Proximate Attacker to Escalate Privileges by enabling the USB interface through chassis probe insertion during system boot, aka \"Unauthorized Reactivation of the USB interface\" or F01."
}
],
"id": "CVE-2025-59705",
"lastModified": "2025-12-08T19:39:23.170",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.9,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2025-12-02T15:15:56.043",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/google/security-research/security/advisories/GHSA-6q4x-m86j-gfwj"
},
{
"source": "cve@mitre.org",
"tags": [
"Product"
],
"url": "https://www.entrust.com/use-case/why-use-an-hsm"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-269"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
FKIE_CVE-2025-59702
Vulnerability from fkie_nvd - Published: 2025-12-02 15:15 - Updated: 2025-12-08 19:39
Severity ?
Summary
Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a physically proximate attacker with elevated privileges to falsify tamper events by accessing internal components.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | https://github.com/google/security-research/security/advisories/GHSA-6q4x-m86j-gfwj | Exploit, Third Party Advisory | |
| cve@mitre.org | https://www.entrust.com/use-case/why-use-an-hsm | Product | |
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | https://github.com/google/security-research/security/advisories/GHSA-6q4x-m86j-gfwj | Exploit, Third Party Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:entrust:nshield_5c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CFB3D135-8EAC-4053-BB94-18D5BBB24AE7",
"versionEndExcluding": "13.6.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:entrust:nshield_5c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ED259AB7-BFED-4B97-B455-E1D34730CFFF",
"versionEndExcluding": "13.9.0",
"versionStartIncluding": "13.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:entrust:nshield_5c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2BB0F3F8-F5DE-41CB-B804-BBFB78C6ADEB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:entrust:nshield_hsmi_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ED3AEBBD-7F75-47F1-8EEA-342BAC9D265E",
"versionEndExcluding": "13.6.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:entrust:nshield_hsmi_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D7125CC3-3B27-4C90-97DE-51D226FBDC00",
"versionEndExcluding": "13.9.0",
"versionStartIncluding": "13.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:entrust:nshield_hsmi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F7665EE9-9F7F-456F-B172-ED188DD3BAD4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:entrust:nshield_connect_xc_base_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F73858FD-5FE6-4AFA-84F2-E19743E9D900",
"versionEndExcluding": "13.6.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:entrust:nshield_connect_xc_base_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "01CDF5EE-9059-478A-BFE5-D7ADEF9625C4",
"versionEndExcluding": "13.9.0",
"versionStartIncluding": "13.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:entrust:nshield_connect_xc_base:-:*:*:*:*:*:*:*",
"matchCriteriaId": "18FCA0E9-EEA9-40EC-9E0F-942F049D2354",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:entrust:nshield_connect_xc_mid_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5A54F973-25D8-468D-B6A4-240A95D94A0B",
"versionEndExcluding": "13.6.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:entrust:nshield_connect_xc_mid_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0E43D1A7-9CB7-479D-89A9-D5041BB212A4",
"versionEndExcluding": "13.9.0",
"versionStartIncluding": "13.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:entrust:nshield_connect_xc_mid:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB0ACAD9-BBCE-43CC-BD84-2023885725EE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:entrust:nshield_connect_xc_high_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CBC11D8B-D72E-4CE9-AE61-AEA85F122F22",
"versionEndExcluding": "13.6.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:entrust:nshield_connect_xc_high_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1D7048C8-EB43-4F23-8946-456EF6F3A1B7",
"versionEndExcluding": "13.9.0",
"versionStartIncluding": "13.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:entrust:nshield_connect_xc_high:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3F0EDB1F-932B-4EC5-9D09-03CAD98BC2FA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a physically proximate attacker with elevated privileges to falsify tamper events by accessing internal components."
}
],
"id": "CVE-2025-59702",
"lastModified": "2025-12-08T19:39:46.283",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.5,
"impactScore": 6.0,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2025-12-02T15:15:55.917",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/google/security-research/security/advisories/GHSA-6q4x-m86j-gfwj"
},
{
"source": "cve@mitre.org",
"tags": [
"Product"
],
"url": "https://www.entrust.com/use-case/why-use-an-hsm"
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/google/security-research/security/advisories/GHSA-6q4x-m86j-gfwj"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-203"
},
{
"lang": "en",
"value": "CWE-284"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
FKIE_CVE-2025-59696
Vulnerability from fkie_nvd - Published: 2025-12-02 15:15 - Updated: 2025-12-08 19:31
Severity ?
Summary
Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a physically proximate attacker to modify or erase tamper events via the Chassis management board.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | https://github.com/google/security-research/security/advisories/GHSA-6q4x-m86j-gfwj | Exploit, Third Party Advisory | |
| cve@mitre.org | https://www.entrust.com/use-case/why-use-an-hsm | Product |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:entrust:nshield_5c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CFB3D135-8EAC-4053-BB94-18D5BBB24AE7",
"versionEndExcluding": "13.6.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:entrust:nshield_5c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ED259AB7-BFED-4B97-B455-E1D34730CFFF",
"versionEndExcluding": "13.9.0",
"versionStartIncluding": "13.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:entrust:nshield_5c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2BB0F3F8-F5DE-41CB-B804-BBFB78C6ADEB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:entrust:nshield_hsmi_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ED3AEBBD-7F75-47F1-8EEA-342BAC9D265E",
"versionEndExcluding": "13.6.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:entrust:nshield_hsmi_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D7125CC3-3B27-4C90-97DE-51D226FBDC00",
"versionEndExcluding": "13.9.0",
"versionStartIncluding": "13.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:entrust:nshield_hsmi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F7665EE9-9F7F-456F-B172-ED188DD3BAD4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:entrust:nshield_connect_xc_base_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F73858FD-5FE6-4AFA-84F2-E19743E9D900",
"versionEndExcluding": "13.6.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:entrust:nshield_connect_xc_base_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "01CDF5EE-9059-478A-BFE5-D7ADEF9625C4",
"versionEndExcluding": "13.9.0",
"versionStartIncluding": "13.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:entrust:nshield_connect_xc_base:-:*:*:*:*:*:*:*",
"matchCriteriaId": "18FCA0E9-EEA9-40EC-9E0F-942F049D2354",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:entrust:nshield_connect_xc_mid_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5A54F973-25D8-468D-B6A4-240A95D94A0B",
"versionEndExcluding": "13.6.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:entrust:nshield_connect_xc_mid_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0E43D1A7-9CB7-479D-89A9-D5041BB212A4",
"versionEndExcluding": "13.9.0",
"versionStartIncluding": "13.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:entrust:nshield_connect_xc_mid:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB0ACAD9-BBCE-43CC-BD84-2023885725EE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:entrust:nshield_connect_xc_high_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CBC11D8B-D72E-4CE9-AE61-AEA85F122F22",
"versionEndExcluding": "13.6.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:entrust:nshield_connect_xc_high_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1D7048C8-EB43-4F23-8946-456EF6F3A1B7",
"versionEndExcluding": "13.9.0",
"versionStartIncluding": "13.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:entrust:nshield_connect_xc_high:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3F0EDB1F-932B-4EC5-9D09-03CAD98BC2FA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a physically proximate attacker to modify or erase tamper events via the Chassis management board."
}
],
"id": "CVE-2025-59696",
"lastModified": "2025-12-08T19:31:25.870",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "NONE",
"baseScore": 3.2,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.7,
"impactScore": 2.5,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2025-12-02T15:15:55.143",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/google/security-research/security/advisories/GHSA-6q4x-m86j-gfwj"
},
{
"source": "cve@mitre.org",
"tags": [
"Product"
],
"url": "https://www.entrust.com/use-case/why-use-an-hsm"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-1263"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
FKIE_CVE-2025-59698
Vulnerability from fkie_nvd - Published: 2025-12-02 15:15 - Updated: 2025-12-08 19:42
Severity ?
Summary
Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, might allow a physically proximate attacker to gain access to the EOL legacy bootloader.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | https://github.com/google/security-research/security/advisories/GHSA-6q4x-m86j-gfwj | Exploit, Third Party Advisory | |
| cve@mitre.org | https://www.entrust.com/use-case/why-use-an-hsm | Product | |
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | https://github.com/google/security-research/security/advisories/GHSA-6q4x-m86j-gfwj | Exploit, Third Party Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:entrust:nshield_5c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CFB3D135-8EAC-4053-BB94-18D5BBB24AE7",
"versionEndExcluding": "13.6.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:entrust:nshield_5c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ED259AB7-BFED-4B97-B455-E1D34730CFFF",
"versionEndExcluding": "13.9.0",
"versionStartIncluding": "13.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:entrust:nshield_5c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2BB0F3F8-F5DE-41CB-B804-BBFB78C6ADEB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:entrust:nshield_hsmi_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ED3AEBBD-7F75-47F1-8EEA-342BAC9D265E",
"versionEndExcluding": "13.6.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:entrust:nshield_hsmi_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D7125CC3-3B27-4C90-97DE-51D226FBDC00",
"versionEndExcluding": "13.9.0",
"versionStartIncluding": "13.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:entrust:nshield_hsmi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F7665EE9-9F7F-456F-B172-ED188DD3BAD4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:entrust:nshield_connect_xc_base_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F73858FD-5FE6-4AFA-84F2-E19743E9D900",
"versionEndExcluding": "13.6.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:entrust:nshield_connect_xc_base_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "01CDF5EE-9059-478A-BFE5-D7ADEF9625C4",
"versionEndExcluding": "13.9.0",
"versionStartIncluding": "13.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:entrust:nshield_connect_xc_base:-:*:*:*:*:*:*:*",
"matchCriteriaId": "18FCA0E9-EEA9-40EC-9E0F-942F049D2354",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:entrust:nshield_connect_xc_mid_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5A54F973-25D8-468D-B6A4-240A95D94A0B",
"versionEndExcluding": "13.6.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:entrust:nshield_connect_xc_mid_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0E43D1A7-9CB7-479D-89A9-D5041BB212A4",
"versionEndExcluding": "13.9.0",
"versionStartIncluding": "13.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:entrust:nshield_connect_xc_mid:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB0ACAD9-BBCE-43CC-BD84-2023885725EE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:entrust:nshield_connect_xc_high_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CBC11D8B-D72E-4CE9-AE61-AEA85F122F22",
"versionEndExcluding": "13.6.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:entrust:nshield_connect_xc_high_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1D7048C8-EB43-4F23-8946-456EF6F3A1B7",
"versionEndExcluding": "13.9.0",
"versionStartIncluding": "13.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:entrust:nshield_connect_xc_high:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3F0EDB1F-932B-4EC5-9D09-03CAD98BC2FA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, might allow a physically proximate attacker to gain access to the EOL legacy bootloader."
}
],
"id": "CVE-2025-59698",
"lastModified": "2025-12-08T19:42:20.173",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.9,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2025-12-02T15:15:55.410",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/google/security-research/security/advisories/GHSA-6q4x-m86j-gfwj"
},
{
"source": "cve@mitre.org",
"tags": [
"Product"
],
"url": "https://www.entrust.com/use-case/why-use-an-hsm"
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/google/security-research/security/advisories/GHSA-6q4x-m86j-gfwj"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-1270"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
FKIE_CVE-2025-59697
Vulnerability from fkie_nvd - Published: 2025-12-02 15:15 - Updated: 2025-12-08 19:31
Severity ?
Summary
Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a physically proximate attacker to escalate privileges by editing the Legacy GRUB bootloader configuration to start a root shell upon boot of the host OS. This is called F06.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | https://github.com/google/security-research/security/advisories/GHSA-6q4x-m86j-gfwj | Exploit, Third Party Advisory | |
| cve@mitre.org | https://www.entrust.com/use-case/why-use-an-hsm | Product | |
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | https://github.com/google/security-research/security/advisories/GHSA-6q4x-m86j-gfwj | Exploit, Third Party Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:entrust:nshield_5c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CFB3D135-8EAC-4053-BB94-18D5BBB24AE7",
"versionEndExcluding": "13.6.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:entrust:nshield_5c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ED259AB7-BFED-4B97-B455-E1D34730CFFF",
"versionEndExcluding": "13.9.0",
"versionStartIncluding": "13.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:entrust:nshield_5c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2BB0F3F8-F5DE-41CB-B804-BBFB78C6ADEB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:entrust:nshield_hsmi_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ED3AEBBD-7F75-47F1-8EEA-342BAC9D265E",
"versionEndExcluding": "13.6.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:entrust:nshield_hsmi_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D7125CC3-3B27-4C90-97DE-51D226FBDC00",
"versionEndExcluding": "13.9.0",
"versionStartIncluding": "13.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:entrust:nshield_hsmi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F7665EE9-9F7F-456F-B172-ED188DD3BAD4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:entrust:nshield_connect_xc_base_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F73858FD-5FE6-4AFA-84F2-E19743E9D900",
"versionEndExcluding": "13.6.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:entrust:nshield_connect_xc_base_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "01CDF5EE-9059-478A-BFE5-D7ADEF9625C4",
"versionEndExcluding": "13.9.0",
"versionStartIncluding": "13.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:entrust:nshield_connect_xc_base:-:*:*:*:*:*:*:*",
"matchCriteriaId": "18FCA0E9-EEA9-40EC-9E0F-942F049D2354",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:entrust:nshield_connect_xc_mid_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5A54F973-25D8-468D-B6A4-240A95D94A0B",
"versionEndExcluding": "13.6.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:entrust:nshield_connect_xc_mid_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0E43D1A7-9CB7-479D-89A9-D5041BB212A4",
"versionEndExcluding": "13.9.0",
"versionStartIncluding": "13.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:entrust:nshield_connect_xc_mid:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB0ACAD9-BBCE-43CC-BD84-2023885725EE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:entrust:nshield_connect_xc_high_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CBC11D8B-D72E-4CE9-AE61-AEA85F122F22",
"versionEndExcluding": "13.6.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:entrust:nshield_connect_xc_high_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1D7048C8-EB43-4F23-8946-456EF6F3A1B7",
"versionEndExcluding": "13.9.0",
"versionStartIncluding": "13.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:entrust:nshield_connect_xc_high:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3F0EDB1F-932B-4EC5-9D09-03CAD98BC2FA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a physically proximate attacker to escalate privileges by editing the Legacy GRUB bootloader configuration to start a root shell upon boot of the host OS. This is called F06."
}
],
"id": "CVE-2025-59697",
"lastModified": "2025-12-08T19:31:35.443",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.5,
"impactScore": 6.0,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2025-12-02T15:15:55.277",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/google/security-research/security/advisories/GHSA-6q4x-m86j-gfwj"
},
{
"source": "cve@mitre.org",
"tags": [
"Product"
],
"url": "https://www.entrust.com/use-case/why-use-an-hsm"
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/google/security-research/security/advisories/GHSA-6q4x-m86j-gfwj"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-269"
},
{
"lang": "en",
"value": "CWE-284"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
FKIE_CVE-2025-59700
Vulnerability from fkie_nvd - Published: 2025-12-02 15:15 - Updated: 2025-12-08 19:41
Severity ?
Summary
Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a physically proximate attacker with root access to modify the Recovery Partition (because of a lack of integrity protection).
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | https://github.com/google/security-research/security/advisories/GHSA-6q4x-m86j-gfwj | Exploit, Third Party Advisory | |
| cve@mitre.org | https://www.entrust.com/use-case/why-use-an-hsm | Product |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:entrust:nshield_5c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CFB3D135-8EAC-4053-BB94-18D5BBB24AE7",
"versionEndExcluding": "13.6.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:entrust:nshield_5c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ED259AB7-BFED-4B97-B455-E1D34730CFFF",
"versionEndExcluding": "13.9.0",
"versionStartIncluding": "13.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:entrust:nshield_5c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2BB0F3F8-F5DE-41CB-B804-BBFB78C6ADEB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:entrust:nshield_hsmi_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ED3AEBBD-7F75-47F1-8EEA-342BAC9D265E",
"versionEndExcluding": "13.6.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:entrust:nshield_hsmi_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D7125CC3-3B27-4C90-97DE-51D226FBDC00",
"versionEndExcluding": "13.9.0",
"versionStartIncluding": "13.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:entrust:nshield_hsmi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F7665EE9-9F7F-456F-B172-ED188DD3BAD4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:entrust:nshield_connect_xc_base_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F73858FD-5FE6-4AFA-84F2-E19743E9D900",
"versionEndExcluding": "13.6.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:entrust:nshield_connect_xc_base_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "01CDF5EE-9059-478A-BFE5-D7ADEF9625C4",
"versionEndExcluding": "13.9.0",
"versionStartIncluding": "13.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:entrust:nshield_connect_xc_base:-:*:*:*:*:*:*:*",
"matchCriteriaId": "18FCA0E9-EEA9-40EC-9E0F-942F049D2354",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:entrust:nshield_connect_xc_mid_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5A54F973-25D8-468D-B6A4-240A95D94A0B",
"versionEndExcluding": "13.6.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:entrust:nshield_connect_xc_mid_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0E43D1A7-9CB7-479D-89A9-D5041BB212A4",
"versionEndExcluding": "13.9.0",
"versionStartIncluding": "13.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:entrust:nshield_connect_xc_mid:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB0ACAD9-BBCE-43CC-BD84-2023885725EE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:entrust:nshield_connect_xc_high_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CBC11D8B-D72E-4CE9-AE61-AEA85F122F22",
"versionEndExcluding": "13.6.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:entrust:nshield_connect_xc_high_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1D7048C8-EB43-4F23-8946-456EF6F3A1B7",
"versionEndExcluding": "13.9.0",
"versionStartIncluding": "13.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:entrust:nshield_connect_xc_high:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3F0EDB1F-932B-4EC5-9D09-03CAD98BC2FA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a physically proximate attacker with root access to modify the Recovery Partition (because of a lack of integrity protection)."
}
],
"id": "CVE-2025-59700",
"lastModified": "2025-12-08T19:41:38.573",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "NONE",
"baseScore": 3.9,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.3,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2025-12-02T15:15:55.667",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/google/security-research/security/advisories/GHSA-6q4x-m86j-gfwj"
},
{
"source": "cve@mitre.org",
"tags": [
"Product"
],
"url": "https://www.entrust.com/use-case/why-use-an-hsm"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-345"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
FKIE_CVE-2025-59699
Vulnerability from fkie_nvd - Published: 2025-12-02 15:15 - Updated: 2025-12-08 19:41
Severity ?
Summary
Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a physically proximate attacker to escalate privileges by booting from a USB device with a valid root filesystem. This occurs because of insecure default settings in the Legacy GRUB Bootloader.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | https://github.com/google/security-research/security/advisories/GHSA-6q4x-m86j-gfwj | Exploit, Third Party Advisory | |
| cve@mitre.org | https://www.entrust.com/use-case/why-use-an-hsm | Product |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:entrust:nshield_5c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CFB3D135-8EAC-4053-BB94-18D5BBB24AE7",
"versionEndExcluding": "13.6.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:entrust:nshield_5c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ED259AB7-BFED-4B97-B455-E1D34730CFFF",
"versionEndExcluding": "13.9.0",
"versionStartIncluding": "13.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:entrust:nshield_5c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2BB0F3F8-F5DE-41CB-B804-BBFB78C6ADEB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:entrust:nshield_hsmi_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ED3AEBBD-7F75-47F1-8EEA-342BAC9D265E",
"versionEndExcluding": "13.6.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:entrust:nshield_hsmi_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D7125CC3-3B27-4C90-97DE-51D226FBDC00",
"versionEndExcluding": "13.9.0",
"versionStartIncluding": "13.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:entrust:nshield_hsmi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F7665EE9-9F7F-456F-B172-ED188DD3BAD4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:entrust:nshield_connect_xc_base_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F73858FD-5FE6-4AFA-84F2-E19743E9D900",
"versionEndExcluding": "13.6.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:entrust:nshield_connect_xc_base_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "01CDF5EE-9059-478A-BFE5-D7ADEF9625C4",
"versionEndExcluding": "13.9.0",
"versionStartIncluding": "13.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:entrust:nshield_connect_xc_base:-:*:*:*:*:*:*:*",
"matchCriteriaId": "18FCA0E9-EEA9-40EC-9E0F-942F049D2354",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:entrust:nshield_connect_xc_mid_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5A54F973-25D8-468D-B6A4-240A95D94A0B",
"versionEndExcluding": "13.6.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:entrust:nshield_connect_xc_mid_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0E43D1A7-9CB7-479D-89A9-D5041BB212A4",
"versionEndExcluding": "13.9.0",
"versionStartIncluding": "13.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:entrust:nshield_connect_xc_mid:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB0ACAD9-BBCE-43CC-BD84-2023885725EE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:entrust:nshield_connect_xc_high_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CBC11D8B-D72E-4CE9-AE61-AEA85F122F22",
"versionEndExcluding": "13.6.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:entrust:nshield_connect_xc_high_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1D7048C8-EB43-4F23-8946-456EF6F3A1B7",
"versionEndExcluding": "13.9.0",
"versionStartIncluding": "13.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:entrust:nshield_connect_xc_high:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3F0EDB1F-932B-4EC5-9D09-03CAD98BC2FA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a physically proximate attacker to escalate privileges by booting from a USB device with a valid root filesystem. This occurs because of insecure default settings in the Legacy GRUB Bootloader."
}
],
"id": "CVE-2025-59699",
"lastModified": "2025-12-08T19:41:55.027",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.9,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2025-12-02T15:15:55.537",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/google/security-research/security/advisories/GHSA-6q4x-m86j-gfwj"
},
{
"source": "cve@mitre.org",
"tags": [
"Product"
],
"url": "https://www.entrust.com/use-case/why-use-an-hsm"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-290"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
FKIE_CVE-2025-59701
Vulnerability from fkie_nvd - Published: 2025-12-02 15:15 - Updated: 2025-12-08 19:40
Severity ?
Summary
Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a physically proximate attacker (with elevated privileges) to read and modify the Appliance SSD contents (because they are unencrypted).
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | https://github.com/google/security-research/security/advisories/GHSA-6q4x-m86j-gfwj | Exploit, Third Party Advisory | |
| cve@mitre.org | https://www.entrust.com/use-case/why-use-an-hsm | Product |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:entrust:nshield_connect_xc_high_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CBC11D8B-D72E-4CE9-AE61-AEA85F122F22",
"versionEndExcluding": "13.6.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:entrust:nshield_connect_xc_high_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1D7048C8-EB43-4F23-8946-456EF6F3A1B7",
"versionEndExcluding": "13.9.0",
"versionStartIncluding": "13.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:entrust:nshield_connect_xc_high:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3F0EDB1F-932B-4EC5-9D09-03CAD98BC2FA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:entrust:nshield_connect_xc_mid_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5A54F973-25D8-468D-B6A4-240A95D94A0B",
"versionEndExcluding": "13.6.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:entrust:nshield_connect_xc_mid_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0E43D1A7-9CB7-479D-89A9-D5041BB212A4",
"versionEndExcluding": "13.9.0",
"versionStartIncluding": "13.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:entrust:nshield_connect_xc_mid:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB0ACAD9-BBCE-43CC-BD84-2023885725EE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:entrust:nshield_connect_xc_base_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F73858FD-5FE6-4AFA-84F2-E19743E9D900",
"versionEndExcluding": "13.6.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:entrust:nshield_connect_xc_base_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "01CDF5EE-9059-478A-BFE5-D7ADEF9625C4",
"versionEndExcluding": "13.9.0",
"versionStartIncluding": "13.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:entrust:nshield_connect_xc_base:-:*:*:*:*:*:*:*",
"matchCriteriaId": "18FCA0E9-EEA9-40EC-9E0F-942F049D2354",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:entrust:nshield_hsmi_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ED3AEBBD-7F75-47F1-8EEA-342BAC9D265E",
"versionEndExcluding": "13.6.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:entrust:nshield_hsmi_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D7125CC3-3B27-4C90-97DE-51D226FBDC00",
"versionEndExcluding": "13.9.0",
"versionStartIncluding": "13.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:entrust:nshield_hsmi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F7665EE9-9F7F-456F-B172-ED188DD3BAD4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:entrust:nshield_5c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CFB3D135-8EAC-4053-BB94-18D5BBB24AE7",
"versionEndExcluding": "13.6.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:entrust:nshield_5c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ED259AB7-BFED-4B97-B455-E1D34730CFFF",
"versionEndExcluding": "13.9.0",
"versionStartIncluding": "13.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:entrust:nshield_5c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2BB0F3F8-F5DE-41CB-B804-BBFB78C6ADEB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a physically proximate attacker (with elevated privileges) to read and modify the Appliance SSD contents (because they are unencrypted)."
}
],
"id": "CVE-2025-59701",
"lastModified": "2025-12-08T19:40:05.490",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "LOW",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"exploitabilityScore": 0.7,
"impactScore": 3.4,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2025-12-02T15:15:55.783",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/google/security-research/security/advisories/GHSA-6q4x-m86j-gfwj"
},
{
"source": "cve@mitre.org",
"tags": [
"Product"
],
"url": "https://www.entrust.com/use-case/why-use-an-hsm"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-312"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
CVE-2025-59696 (GCVE-0-2025-59696)
Vulnerability from cvelistv5 – Published: 2025-12-02 00:00 – Updated: 2025-12-02 18:13
VLAI?
Summary
Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a physically proximate attacker to modify or erase tamper events via the Chassis management board.
Severity ?
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "NONE",
"baseScore": 3.2,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-59696",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-02T18:13:07.971575Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1263",
"description": "CWE-1263 Improper Physical Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-02T18:13:12.231Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a physically proximate attacker to modify or erase tamper events via the Chassis management board."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-02T14:46:46.464Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.entrust.com/use-case/why-use-an-hsm"
},
{
"url": "https://github.com/google/security-research/security/advisories/GHSA-6q4x-m86j-gfwj"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2025-59696",
"datePublished": "2025-12-02T00:00:00.000Z",
"dateReserved": "2025-09-18T00:00:00.000Z",
"dateUpdated": "2025-12-02T18:13:12.231Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-59704 (GCVE-0-2025-59704)
Vulnerability from cvelistv5 – Published: 2025-12-02 00:00 – Updated: 2025-12-03 14:54
VLAI?
Summary
Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow an attacker to gain access the the BIOS menu because is has no password.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-59704",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-03T14:52:36.490100Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-03T14:54:52.521Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow an attacker to gain access the the BIOS menu because is has no password."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-02T15:22:01.070Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.entrust.com/use-case/why-use-an-hsm"
},
{
"url": "https://github.com/google/security-research/security/advisories/GHSA-6q4x-m86j-gfwj"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2025-59704",
"datePublished": "2025-12-02T00:00:00.000Z",
"dateReserved": "2025-09-18T00:00:00.000Z",
"dateUpdated": "2025-12-03T14:54:52.521Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-59700 (GCVE-0-2025-59700)
Vulnerability from cvelistv5 – Published: 2025-12-02 00:00 – Updated: 2025-12-03 14:25
VLAI?
Summary
Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a physically proximate attacker with root access to modify the Recovery Partition (because of a lack of integrity protection).
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-59700",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-03T14:24:10.995732Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-345",
"description": "CWE-345 Insufficient Verification of Data Authenticity",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-03T14:25:44.572Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a physically proximate attacker with root access to modify the Recovery Partition (because of a lack of integrity protection)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-02T14:51:26.731Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.entrust.com/use-case/why-use-an-hsm"
},
{
"url": "https://github.com/google/security-research/security/advisories/GHSA-6q4x-m86j-gfwj"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2025-59700",
"datePublished": "2025-12-02T00:00:00.000Z",
"dateReserved": "2025-09-18T00:00:00.000Z",
"dateUpdated": "2025-12-03T14:25:44.572Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-59701 (GCVE-0-2025-59701)
Vulnerability from cvelistv5 – Published: 2025-12-02 00:00 – Updated: 2025-12-02 18:14
VLAI?
Summary
Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a physically proximate attacker (with elevated privileges) to read and modify the Appliance SSD contents (because they are unencrypted).
Severity ?
4.1 (Medium)
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "LOW",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-59701",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-02T17:59:07.628779Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-312",
"description": "CWE-312 Cleartext Storage of Sensitive Information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-02T18:14:38.843Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a physically proximate attacker (with elevated privileges) to read and modify the Appliance SSD contents (because they are unencrypted)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-02T14:52:05.194Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.entrust.com/use-case/why-use-an-hsm"
},
{
"url": "https://github.com/google/security-research/security/advisories/GHSA-6q4x-m86j-gfwj"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2025-59701",
"datePublished": "2025-12-02T00:00:00.000Z",
"dateReserved": "2025-09-18T00:00:00.000Z",
"dateUpdated": "2025-12-02T18:14:38.843Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-59702 (GCVE-0-2025-59702)
Vulnerability from cvelistv5 – Published: 2025-12-02 00:00 – Updated: 2025-12-02 18:33
VLAI?
Summary
Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a physically proximate attacker with elevated privileges to falsify tamper events by accessing internal components.
Severity ?
7.2 (High)
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-59702",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-02T18:33:08.653450Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284 Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-203",
"description": "CWE-203 Observable Discrepancy",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-02T18:33:28.584Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/google/security-research/security/advisories/GHSA-6q4x-m86j-gfwj"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a physically proximate attacker with elevated privileges to falsify tamper events by accessing internal components."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-02T14:55:09.303Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.entrust.com/use-case/why-use-an-hsm"
},
{
"url": "https://github.com/google/security-research/security/advisories/GHSA-6q4x-m86j-gfwj"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2025-59702",
"datePublished": "2025-12-02T00:00:00.000Z",
"dateReserved": "2025-09-18T00:00:00.000Z",
"dateUpdated": "2025-12-02T18:33:28.584Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-59697 (GCVE-0-2025-59697)
Vulnerability from cvelistv5 – Published: 2025-12-02 00:00 – Updated: 2025-12-02 18:38
VLAI?
Summary
Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a physically proximate attacker to escalate privileges by editing the Legacy GRUB bootloader configuration to start a root shell upon boot of the host OS. This is called F06.
Severity ?
7.2 (High)
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-59697",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-02T18:37:50.250605Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284 Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269 Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-02T18:38:06.589Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/google/security-research/security/advisories/GHSA-6q4x-m86j-gfwj"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a physically proximate attacker to escalate privileges by editing the Legacy GRUB bootloader configuration to start a root shell upon boot of the host OS. This is called F06."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-02T14:48:24.164Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.entrust.com/use-case/why-use-an-hsm"
},
{
"url": "https://github.com/google/security-research/security/advisories/GHSA-6q4x-m86j-gfwj"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2025-59697",
"datePublished": "2025-12-02T00:00:00.000Z",
"dateReserved": "2025-09-18T00:00:00.000Z",
"dateUpdated": "2025-12-02T18:38:06.589Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-59698 (GCVE-0-2025-59698)
Vulnerability from cvelistv5 – Published: 2025-12-02 00:00 – Updated: 2025-12-03 16:06
VLAI?
Summary
Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, might allow a physically proximate attacker to gain access to the EOL legacy bootloader.
Severity ?
6.8 (Medium)
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-59698",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-03T16:06:14.770528Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1270",
"description": "CWE-1270 Generation of Incorrect Security Tokens",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-03T16:06:25.218Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/google/security-research/security/advisories/GHSA-6q4x-m86j-gfwj"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, might allow a physically proximate attacker to gain access to the EOL legacy bootloader."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-02T14:48:54.721Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.entrust.com/use-case/why-use-an-hsm"
},
{
"url": "https://github.com/google/security-research/security/advisories/GHSA-6q4x-m86j-gfwj"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2025-59698",
"datePublished": "2025-12-02T00:00:00.000Z",
"dateReserved": "2025-09-18T00:00:00.000Z",
"dateUpdated": "2025-12-03T16:06:25.218Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-59699 (GCVE-0-2025-59699)
Vulnerability from cvelistv5 – Published: 2025-12-02 00:00 – Updated: 2025-12-04 16:28
VLAI?
Summary
Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a physically proximate attacker to escalate privileges by booting from a USB device with a valid root filesystem. This occurs because of insecure default settings in the Legacy GRUB Bootloader.
Severity ?
6.8 (Medium)
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-59699",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-04T16:28:18.411637Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-290",
"description": "CWE-290 Authentication Bypass by Spoofing",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-04T16:28:32.832Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a physically proximate attacker to escalate privileges by booting from a USB device with a valid root filesystem. This occurs because of insecure default settings in the Legacy GRUB Bootloader."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-02T14:50:54.861Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.entrust.com/use-case/why-use-an-hsm"
},
{
"url": "https://github.com/google/security-research/security/advisories/GHSA-6q4x-m86j-gfwj"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2025-59699",
"datePublished": "2025-12-02T00:00:00.000Z",
"dateReserved": "2025-09-18T00:00:00.000Z",
"dateUpdated": "2025-12-04T16:28:32.832Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-59703 (GCVE-0-2025-59703)
Vulnerability from cvelistv5 – Published: 2025-12-02 00:00 – Updated: 2025-12-03 14:50
VLAI?
Summary
Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a Physically Proximate Attacker to access the internal components of the appliance, without leaving tamper evidence. To exploit this, the attacker needs to remove the tamper label and all fixing screws from the device without damaging it. This is called an F14 attack.
Severity ?
9.1 (Critical)
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-59703",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-03T14:45:18.438780Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284 Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-03T14:50:00.869Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a Physically Proximate Attacker to access the internal components of the appliance, without leaving tamper evidence. To exploit this, the attacker needs to remove the tamper label and all fixing screws from the device without damaging it. This is called an F14 attack."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-02T15:21:22.443Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.entrust.com/use-case/why-use-an-hsm"
},
{
"url": "https://github.com/google/security-research/security/advisories/GHSA-6q4x-m86j-gfwj"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2025-59703",
"datePublished": "2025-12-02T00:00:00.000Z",
"dateReserved": "2025-09-18T00:00:00.000Z",
"dateUpdated": "2025-12-03T14:50:00.869Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-59705 (GCVE-0-2025-59705)
Vulnerability from cvelistv5 – Published: 2025-12-02 00:00 – Updated: 2025-12-03 14:29
VLAI?
Summary
Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a Physically Proximate Attacker to Escalate Privileges by enabling the USB interface through chassis probe insertion during system boot, aka "Unauthorized Reactivation of the USB interface" or F01.
Severity ?
6.8 (Medium)
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-59705",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-03T14:28:11.791125Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269 Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-03T14:29:43.836Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a Physically Proximate Attacker to Escalate Privileges by enabling the USB interface through chassis probe insertion during system boot, aka \"Unauthorized Reactivation of the USB interface\" or F01."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-02T14:29:57.460Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.entrust.com/use-case/why-use-an-hsm"
},
{
"url": "https://github.com/google/security-research/security/advisories/GHSA-6q4x-m86j-gfwj"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2025-59705",
"datePublished": "2025-12-02T00:00:00.000Z",
"dateReserved": "2025-09-18T00:00:00.000Z",
"dateUpdated": "2025-12-03T14:29:43.836Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-59696 (GCVE-0-2025-59696)
Vulnerability from nvd – Published: 2025-12-02 00:00 – Updated: 2025-12-02 18:13
VLAI?
Summary
Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a physically proximate attacker to modify or erase tamper events via the Chassis management board.
Severity ?
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "NONE",
"baseScore": 3.2,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-59696",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-02T18:13:07.971575Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1263",
"description": "CWE-1263 Improper Physical Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-02T18:13:12.231Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a physically proximate attacker to modify or erase tamper events via the Chassis management board."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-02T14:46:46.464Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.entrust.com/use-case/why-use-an-hsm"
},
{
"url": "https://github.com/google/security-research/security/advisories/GHSA-6q4x-m86j-gfwj"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2025-59696",
"datePublished": "2025-12-02T00:00:00.000Z",
"dateReserved": "2025-09-18T00:00:00.000Z",
"dateUpdated": "2025-12-02T18:13:12.231Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-59704 (GCVE-0-2025-59704)
Vulnerability from nvd – Published: 2025-12-02 00:00 – Updated: 2025-12-03 14:54
VLAI?
Summary
Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow an attacker to gain access the the BIOS menu because is has no password.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-59704",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-03T14:52:36.490100Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-03T14:54:52.521Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow an attacker to gain access the the BIOS menu because is has no password."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-02T15:22:01.070Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.entrust.com/use-case/why-use-an-hsm"
},
{
"url": "https://github.com/google/security-research/security/advisories/GHSA-6q4x-m86j-gfwj"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2025-59704",
"datePublished": "2025-12-02T00:00:00.000Z",
"dateReserved": "2025-09-18T00:00:00.000Z",
"dateUpdated": "2025-12-03T14:54:52.521Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-59700 (GCVE-0-2025-59700)
Vulnerability from nvd – Published: 2025-12-02 00:00 – Updated: 2025-12-03 14:25
VLAI?
Summary
Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a physically proximate attacker with root access to modify the Recovery Partition (because of a lack of integrity protection).
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-59700",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-03T14:24:10.995732Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-345",
"description": "CWE-345 Insufficient Verification of Data Authenticity",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-03T14:25:44.572Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a physically proximate attacker with root access to modify the Recovery Partition (because of a lack of integrity protection)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-02T14:51:26.731Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.entrust.com/use-case/why-use-an-hsm"
},
{
"url": "https://github.com/google/security-research/security/advisories/GHSA-6q4x-m86j-gfwj"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2025-59700",
"datePublished": "2025-12-02T00:00:00.000Z",
"dateReserved": "2025-09-18T00:00:00.000Z",
"dateUpdated": "2025-12-03T14:25:44.572Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-59701 (GCVE-0-2025-59701)
Vulnerability from nvd – Published: 2025-12-02 00:00 – Updated: 2025-12-02 18:14
VLAI?
Summary
Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a physically proximate attacker (with elevated privileges) to read and modify the Appliance SSD contents (because they are unencrypted).
Severity ?
4.1 (Medium)
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "LOW",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-59701",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-02T17:59:07.628779Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-312",
"description": "CWE-312 Cleartext Storage of Sensitive Information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-02T18:14:38.843Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a physically proximate attacker (with elevated privileges) to read and modify the Appliance SSD contents (because they are unencrypted)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-02T14:52:05.194Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.entrust.com/use-case/why-use-an-hsm"
},
{
"url": "https://github.com/google/security-research/security/advisories/GHSA-6q4x-m86j-gfwj"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2025-59701",
"datePublished": "2025-12-02T00:00:00.000Z",
"dateReserved": "2025-09-18T00:00:00.000Z",
"dateUpdated": "2025-12-02T18:14:38.843Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-59702 (GCVE-0-2025-59702)
Vulnerability from nvd – Published: 2025-12-02 00:00 – Updated: 2025-12-02 18:33
VLAI?
Summary
Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a physically proximate attacker with elevated privileges to falsify tamper events by accessing internal components.
Severity ?
7.2 (High)
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-59702",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-02T18:33:08.653450Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284 Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-203",
"description": "CWE-203 Observable Discrepancy",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-02T18:33:28.584Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/google/security-research/security/advisories/GHSA-6q4x-m86j-gfwj"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a physically proximate attacker with elevated privileges to falsify tamper events by accessing internal components."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-02T14:55:09.303Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.entrust.com/use-case/why-use-an-hsm"
},
{
"url": "https://github.com/google/security-research/security/advisories/GHSA-6q4x-m86j-gfwj"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2025-59702",
"datePublished": "2025-12-02T00:00:00.000Z",
"dateReserved": "2025-09-18T00:00:00.000Z",
"dateUpdated": "2025-12-02T18:33:28.584Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-59697 (GCVE-0-2025-59697)
Vulnerability from nvd – Published: 2025-12-02 00:00 – Updated: 2025-12-02 18:38
VLAI?
Summary
Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a physically proximate attacker to escalate privileges by editing the Legacy GRUB bootloader configuration to start a root shell upon boot of the host OS. This is called F06.
Severity ?
7.2 (High)
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-59697",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-02T18:37:50.250605Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284 Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269 Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-02T18:38:06.589Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/google/security-research/security/advisories/GHSA-6q4x-m86j-gfwj"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a physically proximate attacker to escalate privileges by editing the Legacy GRUB bootloader configuration to start a root shell upon boot of the host OS. This is called F06."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-02T14:48:24.164Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.entrust.com/use-case/why-use-an-hsm"
},
{
"url": "https://github.com/google/security-research/security/advisories/GHSA-6q4x-m86j-gfwj"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2025-59697",
"datePublished": "2025-12-02T00:00:00.000Z",
"dateReserved": "2025-09-18T00:00:00.000Z",
"dateUpdated": "2025-12-02T18:38:06.589Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-59698 (GCVE-0-2025-59698)
Vulnerability from nvd – Published: 2025-12-02 00:00 – Updated: 2025-12-03 16:06
VLAI?
Summary
Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, might allow a physically proximate attacker to gain access to the EOL legacy bootloader.
Severity ?
6.8 (Medium)
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-59698",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-03T16:06:14.770528Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1270",
"description": "CWE-1270 Generation of Incorrect Security Tokens",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-03T16:06:25.218Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/google/security-research/security/advisories/GHSA-6q4x-m86j-gfwj"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, might allow a physically proximate attacker to gain access to the EOL legacy bootloader."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-02T14:48:54.721Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.entrust.com/use-case/why-use-an-hsm"
},
{
"url": "https://github.com/google/security-research/security/advisories/GHSA-6q4x-m86j-gfwj"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2025-59698",
"datePublished": "2025-12-02T00:00:00.000Z",
"dateReserved": "2025-09-18T00:00:00.000Z",
"dateUpdated": "2025-12-03T16:06:25.218Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-59699 (GCVE-0-2025-59699)
Vulnerability from nvd – Published: 2025-12-02 00:00 – Updated: 2025-12-04 16:28
VLAI?
Summary
Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a physically proximate attacker to escalate privileges by booting from a USB device with a valid root filesystem. This occurs because of insecure default settings in the Legacy GRUB Bootloader.
Severity ?
6.8 (Medium)
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-59699",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-04T16:28:18.411637Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-290",
"description": "CWE-290 Authentication Bypass by Spoofing",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-04T16:28:32.832Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a physically proximate attacker to escalate privileges by booting from a USB device with a valid root filesystem. This occurs because of insecure default settings in the Legacy GRUB Bootloader."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-02T14:50:54.861Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.entrust.com/use-case/why-use-an-hsm"
},
{
"url": "https://github.com/google/security-research/security/advisories/GHSA-6q4x-m86j-gfwj"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2025-59699",
"datePublished": "2025-12-02T00:00:00.000Z",
"dateReserved": "2025-09-18T00:00:00.000Z",
"dateUpdated": "2025-12-04T16:28:32.832Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-59703 (GCVE-0-2025-59703)
Vulnerability from nvd – Published: 2025-12-02 00:00 – Updated: 2025-12-03 14:50
VLAI?
Summary
Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a Physically Proximate Attacker to access the internal components of the appliance, without leaving tamper evidence. To exploit this, the attacker needs to remove the tamper label and all fixing screws from the device without damaging it. This is called an F14 attack.
Severity ?
9.1 (Critical)
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-59703",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-03T14:45:18.438780Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284 Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-03T14:50:00.869Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a Physically Proximate Attacker to access the internal components of the appliance, without leaving tamper evidence. To exploit this, the attacker needs to remove the tamper label and all fixing screws from the device without damaging it. This is called an F14 attack."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-02T15:21:22.443Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.entrust.com/use-case/why-use-an-hsm"
},
{
"url": "https://github.com/google/security-research/security/advisories/GHSA-6q4x-m86j-gfwj"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2025-59703",
"datePublished": "2025-12-02T00:00:00.000Z",
"dateReserved": "2025-09-18T00:00:00.000Z",
"dateUpdated": "2025-12-03T14:50:00.869Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-59705 (GCVE-0-2025-59705)
Vulnerability from nvd – Published: 2025-12-02 00:00 – Updated: 2025-12-03 14:29
VLAI?
Summary
Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a Physically Proximate Attacker to Escalate Privileges by enabling the USB interface through chassis probe insertion during system boot, aka "Unauthorized Reactivation of the USB interface" or F01.
Severity ?
6.8 (Medium)
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-59705",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-03T14:28:11.791125Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269 Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-03T14:29:43.836Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a Physically Proximate Attacker to Escalate Privileges by enabling the USB interface through chassis probe insertion during system boot, aka \"Unauthorized Reactivation of the USB interface\" or F01."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-02T14:29:57.460Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.entrust.com/use-case/why-use-an-hsm"
},
{
"url": "https://github.com/google/security-research/security/advisories/GHSA-6q4x-m86j-gfwj"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2025-59705",
"datePublished": "2025-12-02T00:00:00.000Z",
"dateReserved": "2025-09-18T00:00:00.000Z",
"dateUpdated": "2025-12-03T14:29:43.836Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}