117 matches found
CVE-2025-59693
The CVE affects Entrust nShield hardware: Chassis Management Board in nShield Connect XC, nShield 5c, and nShield HSMi up to firmware versions 13.6.11 and 13.7. Root cause is physical access bypass of tamper labels to reach the JTAG connector, enabling a proximate attacker to gain debug access an...
Entrust nShield Connect XC 安全漏洞
Entrust nShield Connect XC is a network-connected hardware security module from Entrust USA. A security vulnerability exists in Entrust nShield Connect XC that originates from a physical neighbor attacker who can persistently modify the firmware and affect the device boot process...
CVE-2025-59701
Summary: CVE-2025-59701 affects Entrust nShield Connect XC, nShield 5c, and nShield HSMi up to version 13.6.11 or 13.7. The vulnerability arises because the Appliance SSDs are unencrypted, allowing a physically proximate attacker with elevated privileges to read and modify SSD contents. The avail...
CVE-2025-59695
CVE-2025-59695 affects Entrust nShield hardware security modules: Connect XC, nShield 5c, and nShield HSMi. The root cause is a vulnerability (F04) that permits a user with OS root access to modify the Chassis Management Board firmware without authentication, impacting versions up to 13.6.11 and ...
PT-2025-48695
Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, might allow a physically proximate attacker to gain access to the EOL legacy bootloader...
CVE-2025-59698
Summary: CVE-2025-59698 affects Entrust nShield Connect XC, nShield 5c, and nShield HSMi up to versions 13.6.11 and 13.7. The vulnerability allows a physically proximate attacker to access the EOL legacy bootloader. The connected documents do not provide technical root-cause details or remediatio...
CVE-2025-59702
Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a physically proximate attacker with elevated privileges to falsify tamper events by accessing internal components...
Entrust nShield Connect XC 安全漏洞
Entrust nShield Connect XC is a network-connected hardware security module from Entrust USA. A security vulnerability exists in Entrust nShield Connect XC that originates from a physical neighbor attacker with elevated privileges who can forge tamper events...
CVE-2025-59699
Entrust nShield Connect XC (up to 13.6.11), nShield 5c (up to 13.6.11), and nShield HSMi (up to 13.6.11) and nShield Connect XC/HSMi 13.7 are affected by CVE-2025-59699. A physically proximate attacker can escalate privileges by booting from a USB device containing a valid root filesystem, due to...
PT-2025-48706
Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a Physically Proximate Attacker to access the internal components of the appliance, without leaving tamper evidence. To exploit this, the attacker needs to remove the tamper label and all fixing screws from t...
EUVD-2015-1984
Malware in sbrugna...
Multiple Thales nShield Connect Hardware Privilege Access Control Vulnerabilities
Thales nShield Connect hardware models 500 and others are networked HSM Hardware Security Module devices from Thales e-Security, USA. A security vulnerability exists in several models of Thales nShield Connect hardware. An attacker in close physical proximity could exploit this vulnerability to...
Code injection
Thales nShield Connect hardware models 500, 1500, 6000, 500+, 1500+, and 6000+ before 11.72 allows physically proximate attackers to sign arbitrary data with previously loaded signing keys, extract the device identification key KNETI and impersonate the nShield Connect device on a network, affect...
CVE-2015-1878
Thales nShield Connect hardware models 500, 1500, 6000, 500+, 1500+, and 6000+ before 11.72 allows physically proximate attackers to sign arbitrary data with previously loaded signing keys, extract the device identification key KNETI and impersonate the nShield Connect device on a network, affect...
CVE-2015-1878
Thales nShield Connect hardware models 500, 1500, 6000, 500+, 1500+, and 6000+ before 11.72 allows physically proximate attackers to sign arbitrary data with previously loaded signing keys, extract the device identification key KNETI and impersonate the nShield Connect device on a network, affect...
CVE-2015-1878
The CVE-2015-1878 case affects Thales nShield Connect hardware models 500, 1500, 6000, 500+, 1500+, and 6000+ prior to version 11.72. The issue arises when a physically proximate attacker connects via the front-panel USB port to sign arbitrary data with previously loaded signing keys, extract the...
Information disclosure
nCipher firmware before V10, as used by 1 nShield, 2 nForce, 3 netHSM, 4 payShield, 5 SecureDB, 6 DSE200 Document Sealing Engine, 7 Time Source Master Clock TSMC, and possibly other products, contains certain options that were only intended for testing and not production, which might allow remote...