CVE-2025-59693

The Chassis Management Board in Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allows a physically proximate attacker to obtain debug access and escalate privileges by bypassing the tamper label and opening the chassis without leaving evidence, and accessing the JTAG connector. This is called F02.

CVSS v3 9.8 CRITICAL

9.8^/10

CVSS v3 : CRITICAL

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://github.com/google/security-research/security/advisories/GHSA-6q4x-m86j-gfwj	Exploit Third Party Advisory
https://www.entrust.com/use-case/why-use-an-hsm	Product

Configurations

Configuration 1 (hide)

AND

OR	cpe:2.3:o:entrust:nshield_5c_firmware::::::::
	cpe:2.3:o:entrust:nshield_5c_firmware::::::::

cpe:2.3:h:entrust:nshield_5c:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND

OR	cpe:2.3:o:entrust:nshield_hsmi_firmware::::::::
	cpe:2.3:o:entrust:nshield_hsmi_firmware::::::::

cpe:2.3:h:entrust:nshield_hsmi:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND

OR	cpe:2.3:o:entrust:nshield_connect_xc_base_firmware::::::::
	cpe:2.3:o:entrust:nshield_connect_xc_base_firmware::::::::

cpe:2.3:h:entrust:nshield_connect_xc_base:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND

OR	cpe:2.3:o:entrust:nshield_connect_xc_mid_firmware::::::::
	cpe:2.3:o:entrust:nshield_connect_xc_mid_firmware::::::::

cpe:2.3:h:entrust:nshield_connect_xc_mid:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND

OR	cpe:2.3:o:entrust:nshield_connect_xc_high_firmware::::::::
	cpe:2.3:o:entrust:nshield_connect_xc_high_firmware::::::::

cpe:2.3:h:entrust:nshield_connect_xc_high:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2025-12-02 15:15

Updated : 2025-12-15 13:41

NVD link : CVE-2025-59693

Mitre link : CVE-2025-59693

CVE.ORG link : CVE-2025-59693

JSON object : View

Products Affected

entrust

nshield_connect_xc_mid_firmware
nshield_hsmi
nshield_connect_xc_high_firmware
nshield_5c_firmware
nshield_connect_xc_base
nshield_connect_xc_base_firmware
nshield_connect_xc_high
nshield_hsmi_firmware
nshield_connect_xc_mid
nshield_5c

CWE

CWE-269

Improper Privilege Management

{"id": "CVE-2025-59693", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2025-12-02T15:15:54.747", "references": [{"url": "https://github.com/google/security-research/security/advisories/GHSA-6q4x-m86j-gfwj", "tags": ["Exploit", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://www.entrust.com/use-case/why-use-an-hsm", "tags": ["Product"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-269"}]}], "descriptions": [{"lang": "en", "value": "The Chassis Management Board in Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allows a physically proximate attacker to obtain debug access and escalate privileges by bypassing the tamper label and opening the chassis without leaving evidence, and accessing the JTAG connector. This is called F02."}], "lastModified": "2025-12-15T13:41:34.880", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:entrust:nshield_5c_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CFB3D135-8EAC-4053-BB94-18D5BBB24AE7", "versionEndExcluding": "13.6.12"}, {"criteria": "cpe:2.3:o:entrust:nshield_5c_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A225C602-A46C-43A1-B6ED-D85CE086FB13", "versionEndExcluding": "13.9.0", "versionStartIncluding": "13.7.3"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:entrust:nshield_5c:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "2BB0F3F8-F5DE-41CB-B804-BBFB78C6ADEB"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:entrust:nshield_hsmi_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "ED3AEBBD-7F75-47F1-8EEA-342BAC9D265E", "versionEndExcluding": "13.6.12"}, {"criteria": "cpe:2.3:o:entrust:nshield_hsmi_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8CA1F545-ADAE-41BF-946A-CEAD5A751BB7", "versionEndExcluding": "13.9.0", "versionStartIncluding": "13.7.3"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:entrust:nshield_hsmi:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F7665EE9-9F7F-456F-B172-ED188DD3BAD4"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:entrust:nshield_connect_xc_base_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F73858FD-5FE6-4AFA-84F2-E19743E9D900", "versionEndExcluding": "13.6.12"}, {"criteria": "cpe:2.3:o:entrust:nshield_connect_xc_base_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "65C6EC9C-C33D-4C37-ACD3-4B78D6291000", "versionEndExcluding": "13.9.0", "versionStartIncluding": "13.7.3"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:entrust:nshield_connect_xc_base:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "18FCA0E9-EEA9-40EC-9E0F-942F049D2354"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:entrust:nshield_connect_xc_mid_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5A54F973-25D8-468D-B6A4-240A95D94A0B", "versionEndExcluding": "13.6.12"}, {"criteria": "cpe:2.3:o:entrust:nshield_connect_xc_mid_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "125D948A-49AA-4385-8519-081F0787417E", "versionEndExcluding": "13.9.0", "versionStartIncluding": "13.7.3"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:entrust:nshield_connect_xc_mid:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "CB0ACAD9-BBCE-43CC-BD84-2023885725EE"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:entrust:nshield_connect_xc_high_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CBC11D8B-D72E-4CE9-AE61-AEA85F122F22", "versionEndExcluding": "13.6.12"}, {"criteria": "cpe:2.3:o:entrust:nshield_connect_xc_high_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7779DADF-6D63-4326-981F-BA10860BBDD9", "versionEndExcluding": "13.9.0", "versionStartIncluding": "13.7.3"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:entrust:nshield_connect_xc_high:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "3F0EDB1F-932B-4EC5-9D09-03CAD98BC2FA"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "cve@mitre.org"}