Lucene search
+L

117 matches found

cve
cve
added 2025/12/02 12:0 a.m.13 views

CVE-2025-59693

The CVE affects Entrust nShield hardware: Chassis Management Board in nShield Connect XC, nShield 5c, and nShield HSMi up to firmware versions 13.6.11 and 13.7. Root cause is physical access bypass of tamper labels to reach the JTAG connector, enabling a proximate attacker to gain debug access an...

9.8CVSS6.6AI score0.00682EPSS
Exploits1References2Affected Software1
cnnvd
cnnvd
added 2025/12/02 12:0 a.m.5 views

Entrust nShield Connect XC 安全漏洞

Entrust nShield Connect XC is a network-connected hardware security module from Entrust USA. A security vulnerability exists in Entrust nShield Connect XC that originates from a physical neighbor attacker who can persistently modify the firmware and affect the device boot process...

6.8CVSS6.5AI score0.00267EPSS
Exploits1References4
cve
cve
added 2025/12/02 12:0 a.m.12 views

CVE-2025-59701

Summary: CVE-2025-59701 affects Entrust nShield Connect XC, nShield 5c, and nShield HSMi up to version 13.6.11 or 13.7. The vulnerability arises because the Appliance SSDs are unencrypted, allowing a physically proximate attacker with elevated privileges to read and modify SSD contents. The avail...

4.1CVSS6.4AI score0.0016EPSS
Exploits1References2Affected Software1
cve
cve
added 2025/12/02 12:0 a.m.15 views

CVE-2025-59695

CVE-2025-59695 affects Entrust nShield hardware security modules: Connect XC, nShield 5c, and nShield HSMi. The root cause is a vulnerability (F04) that permits a user with OS root access to modify the Chassis Management Board firmware without authentication, impacting versions up to 13.6.11 and ...

9.8CVSS6.5AI score0.00547EPSS
Exploits1References2Affected Software1
ptsecurity
ptsecurity
added 2025/12/02 12:0 a.m.8 views

PT-2025-48695

Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, might allow a physically proximate attacker to gain access to the EOL legacy bootloader...

7.1AI score0.00263EPSS
Exploits1References3
cve
cve
added 2025/12/02 12:0 a.m.11 views

CVE-2025-59698

Summary: CVE-2025-59698 affects Entrust nShield Connect XC, nShield 5c, and nShield HSMi up to versions 13.6.11 and 13.7. The vulnerability allows a physically proximate attacker to access the EOL legacy bootloader. The connected documents do not provide technical root-cause details or remediatio...

6.8CVSS6.7AI score0.00263EPSS
Exploits1References2Affected Software1
cvelist
cvelist
added 2025/12/02 12:0 a.m.15 views

CVE-2025-59702

Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a physically proximate attacker with elevated privileges to falsify tamper events by accessing internal components...

0.00265EPSS
Exploits1References2
cnnvd
cnnvd
added 2025/12/02 12:0 a.m.7 views

Entrust nShield Connect XC 安全漏洞

Entrust nShield Connect XC is a network-connected hardware security module from Entrust USA. A security vulnerability exists in Entrust nShield Connect XC that originates from a physical neighbor attacker with elevated privileges who can forge tamper events...

7.2CVSS6.4AI score0.00265EPSS
Exploits1References4
cve
cve
added 2025/12/02 12:0 a.m.12 views

CVE-2025-59699

Entrust nShield Connect XC (up to 13.6.11), nShield 5c (up to 13.6.11), and nShield HSMi (up to 13.6.11) and nShield Connect XC/HSMi 13.7 are affected by CVE-2025-59699. A physically proximate attacker can escalate privileges by booting from a USB device containing a valid root filesystem, due to...

6.8CVSS6.7AI score0.00276EPSS
Exploits1References2Affected Software1
ptsecurity
ptsecurity
added 2025/12/02 12:0 a.m.8 views

PT-2025-48706

Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a Physically Proximate Attacker to access the internal components of the appliance, without leaving tamper evidence. To exploit this, the attacker needs to remove the tamper label and all fixing screws from t...

6.8AI score0.00375EPSS
Exploits1References3
euvd
euvd
added 2025/10/07 12:30 a.m.3 views

EUVD-2015-1984

Malware in sbrugna...

6.8CVSS6.7AI score0.00348EPSS
Exploits0References2
cnvd
cnvd
added 2017/09/22 12:0 a.m.11 views

Multiple Thales nShield Connect Hardware Privilege Access Control Vulnerabilities

Thales nShield Connect hardware models 500 and others are networked HSM Hardware Security Module devices from Thales e-Security, USA. A security vulnerability exists in several models of Thales nShield Connect hardware. An attacker in close physical proximity could exploit this vulnerability to...

6.8CVSS6.7AI score0.00348EPSS
Exploits0References1
prion
prion
added 2017/08/18 4:29 p.m.14 views

Code injection

Thales nShield Connect hardware models 500, 1500, 6000, 500+, 1500+, and 6000+ before 11.72 allows physically proximate attackers to sign arbitrary data with previously loaded signing keys, extract the device identification key KNETI and impersonate the nShield Connect device on a network, affect...

4.6CVSS7.2AI score0.00348EPSS
Exploits0References1Affected Software1
nvd
nvd
added 2017/08/18 4:29 p.m.13 views

CVE-2015-1878

Thales nShield Connect hardware models 500, 1500, 6000, 500+, 1500+, and 6000+ before 11.72 allows physically proximate attackers to sign arbitrary data with previously loaded signing keys, extract the device identification key KNETI and impersonate the nShield Connect device on a network, affect...

6.8CVSS6.7AI score0.00348EPSS
Exploits0References1
cvelist
cvelist
added 2017/08/18 4:0 p.m.20 views

CVE-2015-1878

Thales nShield Connect hardware models 500, 1500, 6000, 500+, 1500+, and 6000+ before 11.72 allows physically proximate attackers to sign arbitrary data with previously loaded signing keys, extract the device identification key KNETI and impersonate the nShield Connect device on a network, affect...

6.7AI score0.00348EPSS
Exploits0References1
cve
cve
added 2017/08/18 4:0 p.m.41 views

CVE-2015-1878

The CVE-2015-1878 case affects Thales nShield Connect hardware models 500, 1500, 6000, 500+, 1500+, and 6000+ prior to version 11.72. The issue arises when a physically proximate attacker connects via the front-panel USB port to sign arbitrary data with previously loaded signing keys, extract the...

6.8CVSS6.6AI score0.00348EPSS
Exploits0References1Affected Software1
prion
prion
added 2006/03/09 1:6 p.m.16 views

Information disclosure

nCipher firmware before V10, as used by 1 nShield, 2 nForce, 3 netHSM, 4 payShield, 5 SecureDB, 6 DSE200 Document Sealing Engine, 7 Time Source Master Clock TSMC, and possibly other products, contains certain options that were only intended for testing and not production, which might allow remote...

2.6CVSS7.2AI score0.00927EPSS
Exploits0References7Affected Software1
Rows per page
Query Builder