Description

Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a Physically Proximate Attacker to access the internal components of the appliance, without leaving tamper evidence. To exploit this, the attacker needs to remove the tamper label and all fixing screws from the device without damaging it. This is called an F14 attack.

INFO

Published Date :

2025-12-02T00:00:00.000Z

Last Modified :

2025-12-03T14:50:00.869Z

Source :

mitre
AFFECTED PRODUCTS

The following products are affected by CVE-2025-59703 vulnerability.

Vendors Products
Entrust
  • Nshield 5c
  • Nshield 5c Firmware
  • Nshield Connect Xc
  • Nshield Connect Xc Base
  • Nshield Connect Xc Base Firmware
  • Nshield Connect Xc High
  • Nshield Connect Xc High Firmware
  • Nshield Connect Xc Mid
  • Nshield Connect Xc Mid Firmware
  • Nshield Hsmi
  • Nshield Hsmi Firmware
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-59703.

URL Resource
https://github.com/google/security-research/security/advisories/GHSA-6q4x-m86j-gfwj cve-icon cve-icon
https://www.entrust.com/use-case/why-use-an-hsm cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact