Entrust

Nshield Connect Xc Mid Firmware

10 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
3.2

CVE-2025-59696

Exploit
  • EPSS 0.01%
  • Veröffentlicht 02.12.2025 00:00:00
  • Zuletzt bearbeitet 08.12.2025 19:31:25

Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a physically proximate attacker to modify or erase tamper events via the Chassis management board.

7.2

CVE-2025-59697

Exploit
  • EPSS 0.02%
  • Veröffentlicht 02.12.2025 00:00:00
  • Zuletzt bearbeitet 08.12.2025 19:31:35

Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a physically proximate attacker to escalate privileges by editing the Legacy GRUB bootloader configuration to start a root shell upon boot of the host OS. This i...

6.8

CVE-2025-59698

Exploit
  • EPSS 0.02%
  • Veröffentlicht 02.12.2025 00:00:00
  • Zuletzt bearbeitet 08.12.2025 19:42:20

Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, might allow a physically proximate attacker to gain access to the EOL legacy bootloader.

6.8

CVE-2025-59705

Exploit
  • EPSS 0.02%
  • Veröffentlicht 02.12.2025 00:00:00
  • Zuletzt bearbeitet 08.12.2025 19:39:23

Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a Physically Proximate Attacker to Escalate Privileges by enabling the USB interface through chassis probe insertion during system boot, aka "Unauthorized Reacti...

6.8

CVE-2025-59699

Exploit
  • EPSS 0.02%
  • Veröffentlicht 02.12.2025 00:00:00
  • Zuletzt bearbeitet 08.12.2025 19:41:55

Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a physically proximate attacker to escalate privileges by booting from a USB device with a valid root filesystem. This occurs because of insecure default setting...

3.9

CVE-2025-59700

Exploit
  • EPSS 0.01%
  • Veröffentlicht 02.12.2025 00:00:00
  • Zuletzt bearbeitet 08.12.2025 19:41:38

Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a physically proximate attacker with root access to modify the Recovery Partition (because of a lack of integrity protection).

4.1

CVE-2025-59701

Exploit
  • EPSS 0.01%
  • Veröffentlicht 02.12.2025 00:00:00
  • Zuletzt bearbeitet 08.12.2025 19:40:05

Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a physically proximate attacker (with elevated privileges) to read and modify the Appliance SSD contents (because they are unencrypted).

7.2

CVE-2025-59702

Exploit
  • EPSS 0.02%
  • Veröffentlicht 02.12.2025 00:00:00
  • Zuletzt bearbeitet 08.12.2025 19:39:46

Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a physically proximate attacker with elevated privileges to falsify tamper events by accessing internal components.

9.1

CVE-2025-59703

Exploit
  • EPSS 0.04%
  • Veröffentlicht 02.12.2025 00:00:00
  • Zuletzt bearbeitet 08.12.2025 19:39:02

Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a Physically Proximate Attacker to access the internal components of the appliance, without leaving tamper evidence. To exploit this, the attacker needs to remov...

4.6

CVE-2025-59704

Exploit
  • EPSS 0.02%
  • Veröffentlicht 02.12.2025 00:00:00
  • Zuletzt bearbeitet 08.12.2025 19:38:42

Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow an attacker to gain access the the BIOS menu because is has no password.