Description

The Chassis Management Board in Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allows a physically proximate attacker to persistently modify firmware and influence the (insecurely configured) appliance boot process. To exploit this, the attacker must modify the firmware via JTAG or perform an upgrade to the chassis management board firmware. This is called F03.

INFO

Published Date :

2025-12-02T00:00:00.000Z

Last Modified :

2025-12-03T16:08:20.902Z

Source :

mitre
AFFECTED PRODUCTS

The following products are affected by CVE-2025-59694 vulnerability.

Vendors Products
Entrust
  • Nshield 5c
  • Nshield 5c Firmware
  • Nshield Connect Xc
  • Nshield Connect Xc Base
  • Nshield Connect Xc Base Firmware
  • Nshield Connect Xc High
  • Nshield Connect Xc High Firmware
  • Nshield Connect Xc Mid
  • Nshield Connect Xc Mid Firmware
  • Nshield Hsmi
  • Nshield Hsmi Firmware
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-59694.

URL Resource
https://github.com/google/security-research/security/advisories/GHSA-6q4x-m86j-gfwj cve-icon cve-icon cve-icon
https://www.entrust.com/use-case/why-use-an-hsm cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact