CVE-2025-59694
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-12-02
Last updated on: 2025-12-15
Assigner: MITRE
Description
Description
The Chassis Management Board in Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allows a physically proximate attacker to persistently modify firmware and influence the (insecurely configured) appliance boot process. To exploit this, the attacker must modify the firmware via JTAG or perform an upgrade to the chassis management board firmware. This is called F03.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| entrust | nshield_5c_firmware | to 13.6.12 (exc) |
| entrust | nshield_5c_firmware | From 13.7.3 (inc) to 13.9.0 (exc) |
| entrust | nshield_5c | * |
| entrust | nshield_hsmi_firmware | to 13.6.12 (exc) |
| entrust | nshield_hsmi_firmware | From 13.7.3 (inc) to 13.9.0 (exc) |
| entrust | nshield_hsmi | * |
| entrust | nshield_connect_xc_base_firmware | to 13.6.12 (exc) |
| entrust | nshield_connect_xc_base_firmware | From 13.7.3 (inc) to 13.9.0 (exc) |
| entrust | nshield_connect_xc_base | * |
| entrust | nshield_connect_xc_mid_firmware | to 13.6.12 (exc) |
| entrust | nshield_connect_xc_mid_firmware | From 13.7.3 (inc) to 13.9.0 (exc) |
| entrust | nshield_connect_xc_mid | * |
| entrust | nshield_connect_xc_high_firmware | to 13.6.12 (exc) |
| entrust | nshield_connect_xc_high_firmware | From 13.7.3 (inc) to 13.9.0 (exc) |
| entrust | nshield_connect_xc_high | * |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-1274 | The product conducts a secure-boot process that transfers bootloader code from Non-Volatile Memory (NVM) into Volatile Memory (VM), but it does not have sufficient access control or other protections for the Volatile Memory. |
