Entrust

Nshield Connect Xc High Firmware

13 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2025-59693

Exploit
  • EPSS 0.08%
  • Veröffentlicht 02.12.2025 00:00:00
  • Zuletzt bearbeitet 15.12.2025 13:41:34

The Chassis Management Board in Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allows a physically proximate attacker to obtain debug access and escalate privileges by bypassing the tamper label and opening the cha...

6.8

CVE-2025-59694

Exploit
  • EPSS 0.03%
  • Veröffentlicht 02.12.2025 00:00:00
  • Zuletzt bearbeitet 15.12.2025 13:39:22

The Chassis Management Board in Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allows a physically proximate attacker to persistently modify firmware and influence the (insecurely configured) appliance boot process...

9.8

CVE-2025-59695

Exploit
  • EPSS 0.14%
  • Veröffentlicht 02.12.2025 00:00:00
  • Zuletzt bearbeitet 15.12.2025 13:35:53

Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a user with OS root access to alter firmware on the Chassis Management Board (without Authentication). This is called F04.

3.2

CVE-2025-59696

Exploit
  • EPSS 0.02%
  • Veröffentlicht 02.12.2025 00:00:00
  • Zuletzt bearbeitet 08.12.2025 19:31:25

Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a physically proximate attacker to modify or erase tamper events via the Chassis management board.

7.2

CVE-2025-59697

Exploit
  • EPSS 0.03%
  • Veröffentlicht 02.12.2025 00:00:00
  • Zuletzt bearbeitet 08.12.2025 19:31:35

Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a physically proximate attacker to escalate privileges by editing the Legacy GRUB bootloader configuration to start a root shell upon boot of the host OS. This i...

6.8

CVE-2025-59698

Exploit
  • EPSS 0.03%
  • Veröffentlicht 02.12.2025 00:00:00
  • Zuletzt bearbeitet 08.12.2025 19:42:20

Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, might allow a physically proximate attacker to gain access to the EOL legacy bootloader.

6.8

CVE-2025-59705

Exploit
  • EPSS 0.03%
  • Veröffentlicht 02.12.2025 00:00:00
  • Zuletzt bearbeitet 08.12.2025 19:39:23

Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a Physically Proximate Attacker to Escalate Privileges by enabling the USB interface through chassis probe insertion during system boot, aka "Unauthorized Reacti...

6.8

CVE-2025-59699

Exploit
  • EPSS 0.03%
  • Veröffentlicht 02.12.2025 00:00:00
  • Zuletzt bearbeitet 08.12.2025 19:41:55

Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a physically proximate attacker to escalate privileges by booting from a USB device with a valid root filesystem. This occurs because of insecure default setting...

3.9

CVE-2025-59700

Exploit
  • EPSS 0.01%
  • Veröffentlicht 02.12.2025 00:00:00
  • Zuletzt bearbeitet 06.01.2026 21:15:42

Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a physically proximate attacker with root access to modify the Recovery Partition (because of a lack of integrity protection).

4.1

CVE-2025-59701

Exploit
  • EPSS 0.01%
  • Veröffentlicht 02.12.2025 00:00:00
  • Zuletzt bearbeitet 08.12.2025 19:40:05

Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a physically proximate attacker (with elevated privileges) to read and modify the Appliance SSD contents (because they are unencrypted).