Description

Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a physically proximate attacker to escalate privileges by booting from a USB device with a valid root filesystem. This occurs because of insecure default settings in the Legacy GRUB Bootloader.

INFO

Published Date :

2025-12-02T00:00:00.000Z

Last Modified :

2025-12-04T16:28:32.832Z

Source :

mitre
AFFECTED PRODUCTS

The following products are affected by CVE-2025-59699 vulnerability.

Vendors Products
Entrust
  • Nshield 5c
  • Nshield 5c Firmware
  • Nshield Connect Xc
  • Nshield Connect Xc Base
  • Nshield Connect Xc Base Firmware
  • Nshield Connect Xc High
  • Nshield Connect Xc High Firmware
  • Nshield Connect Xc Mid
  • Nshield Connect Xc Mid Firmware
  • Nshield Hsmi
  • Nshield Hsmi Firmware
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-59699.

URL Resource
https://github.com/google/security-research/security/advisories/GHSA-6q4x-m86j-gfwj cve-icon cve-icon
https://www.entrust.com/use-case/why-use-an-hsm cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact