CVE-2025-59699

Entrust nShield Connect XC (up to 13.6.11), nShield 5c (up to 13.6.11), and nShield HSMi (up to 13.6.11) and nShield Connect XC/HSMi 13.7 are affected by CVE-2025-59699. A physically proximate attacker can escalate privileges by booting from a USB device containing a valid root filesystem, due to...

CVE-2025-59695

Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a user with OS root access to alter firmware on the Chassis Management Board without Authentication. This is called F04...

CVE-2025-59703

Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a Physically Proximate Attacker to access the internal components of the appliance, without leaving tamper evidence. To exploit this, the attacker needs to remove the tamper label and all fixing screws from t...

PT-2025-48690

Name of the Vulnerable Software and Affected Versions Entrust nShield Connect XC versions through 13.6.11 Entrust nShield 5c versions through 13.6.11 Entrust nShield HSMi versions through 13.6.11 Entrust nShield Connect XC version 13.7 Entrust nShield 5c version 13.7 Entrust nShield HSMi version...

CVE-2025-59704

Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow an attacker to gain access the the BIOS menu because is has no password...

CVE-2025-59700

Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a physically proximate attacker with root access to modify the Recovery Partition because of a lack of integrity protection...

CVE-2025-59693

The Chassis Management Board in Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allows a physically proximate attacker to obtain debug access and escalate privileges by bypassing the tamper label and opening the chassis without leaving evidence, and accessing th...

PT-2025-48693

Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a physically proximate attacker to modify or erase tamper events via the Chassis management board...

Entrust nShield Connect XC 安全漏洞

Entrust nShield Connect XC is a network-connected hardware security module from Entrust USA. A security vulnerability exists in the Entrust nShield Connect XC that originates in the physical neighborhood where an attacker can bypass the tamper-evident tags to access the JTAG connector, potentiall...

CVE-2025-59701

Summary: CVE-2025-59701 affects Entrust nShield Connect XC, nShield 5c, and nShield HSMi up to version 13.6.11 or 13.7. The vulnerability arises because the Appliance SSDs are unencrypted, allowing a physically proximate attacker with elevated privileges to read and modify SSD contents. The avail...

CVE-2025-59705

CVE-2025-59705 affects Entrust nShield Connect XC, nShield 5c, and nShield HSMi up to 13.6.11 or 13.7. The issue is a privilege-escalation path via enabling the USB interface by inserting a chassis probe during system boot, described as "Unauthorized Reactivation of the USB interface" (F01). The ...

CVE-2025-59694

The CVE affects Entrust nShield hardware (Connect XC, 5c, HSMi) up to firmware 13.6.11/13.7. A physically proximate attacker can persistently modify the Chassis Management Board firmware to influence the appliance boot process via JTAG or by upgrading the board firmware. No exploits are described...

CVE-2025-59697

Entrust nShield devices are affected: Connect XC, nShield 5c, and nShield HSMi up to v13.6.11 and 13.7 allow a physically proximate attacker to escalate privileges by editing the Legacy GRUB bootloader configuration to boot a root shell on host OS start (F06). The underlying issue is a boot-time ...

CVE-2025-59702

Affected products: Entrust nShield Connect XC, nShield 5c, and nShield HSMi up to and including version 13.6.11, and version 13.7. The issue allows a physically proximate attacker with elevated privileges to falsify tamper events by accessing internal components. Root cause details are not provid...

CVE-2025-59700

The CVE affects Entrust nShield devices: Connect XC, nShield 5c, and nShield HSMi up to versions 13.6.11 and 13.7. The root cause is insufficient integrity protection on the Recovery Partition, enabling a physically proximate attacker with root access to modify it. Impact includes potential compr...

PT-2025-48707

Name of the Vulnerable Software and Affected Versions Entrust nShield Connect XC versions through 13.6.11 Entrust nShield 5c versions through 13.6.11 Entrust nShield HSMi versions through 13.6.11 Entrust nShield Connect XC version 13.7 Entrust nShield 5c version 13.7 Entrust nShield HSMi version...

PT-2025-48692

Name of the Vulnerable Software and Affected Versions Entrust nShield Connect XC versions through 13.6.11 Entrust nShield 5c versions through 13.6.11 Entrust nShield HSMi versions through 13.6.11 Entrust nShield Connect XC version 13.7 Entrust nShield 5c version 13.7 Entrust nShield HSMi version...

CVE-2025-59704

The CVE-2025-59704 entry affects Entrust nShield hardware: Connect XC, 5c, and HSMi up to specific versions (through 13.6.11 and 13.7). The issue is that the BIOS menu is unpassworded, enabling an attacker with physical access to reach BIOS controls. Sources from Red Hat and NVD corroborate the B...

CVE-2025-59696

Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a physically proximate attacker to modify or erase tamper events via the Chassis management board...

Entrust nShield Connect XC 安全漏洞

Entrust nShield Connect XC is a network-connected hardware security module from Entrust USA. A security vulnerability exists in Entrust nShield Connect XC that originates from a physical neighbor attacker who can edit the Legacy GRUB boot configuration to obtain a root shell...