cbcvebase.

Entrust Nshield 5C Firmware vulnerabilities

13 known vulnerabilities affecting entrust/nshield_5c_firmware.

Total CVEs
13
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL3HIGH2MEDIUM6LOW2

Vulnerabilities

Page 1 of 1
CVE-2025-59695P2CRITICALCVSS 9.8fixed in 13.6.12≥ 13.7.3, < 13.9.02025-12-02
CVE-2025-59695 [CRITICAL] CWE-306 CVE-2025-59695: Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a user with Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a user with OS root access to alter firmware on the Chassis Management Board (without Authentication). This is called F04.
nvd
CVE-2025-59703P2CRITICALCVSS 9.1fixed in 13.6.12≥ 13.7, < 13.9.02025-12-02
CVE-2025-59703 [CRITICAL] CWE-284 CVE-2025-59703: Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a Physicall Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a Physically Proximate Attacker to access the internal components of the appliance, without leaving tamper evidence. To exploit this, the attacker needs to remove the tamper label and all fixing screws from the device without damaging it. This is called an F14
nvd
CVE-2025-59693P3CRITICALCVSS 9.8fixed in 13.6.12≥ 13.7.3, < 13.9.02025-12-02
CVE-2025-59693 [CRITICAL] CWE-269 CVE-2025-59693: The Chassis Management Board in Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13. The Chassis Management Board in Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allows a physically proximate attacker to obtain debug access and escalate privileges by bypassing the tamper label and opening the chassis without leaving evidence, and accessing the JTAG connector. This is called F02.
nvd
CVE-2025-59697P3HIGHCVSS 7.2fixed in 13.6.12≥ 13.7, < 13.9.02025-12-02
CVE-2025-59697 [HIGH] CWE-269 CVE-2025-59697: Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a physicall Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a physically proximate attacker to escalate privileges by editing the Legacy GRUB bootloader configuration to start a root shell upon boot of the host OS. This is called F06.
nvd
CVE-2025-59702P3HIGHCVSS 7.2fixed in 13.6.12≥ 13.7, < 13.9.02025-12-02
CVE-2025-59702 [HIGH] CWE-203 CVE-2025-59702: Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a physicall Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a physically proximate attacker with elevated privileges to falsify tamper events by accessing internal components.
nvd
CVE-2025-59699P4MEDIUMCVSS 6.8fixed in 13.6.12≥ 13.7, < 13.9.02025-12-02
CVE-2025-59699 [MEDIUM] CWE-290 CVE-2025-59699: Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a physicall Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a physically proximate attacker to escalate privileges by booting from a USB device with a valid root filesystem. This occurs because of insecure default settings in the Legacy GRUB Bootloader.
nvd
CVE-2025-59694P4MEDIUMCVSS 6.8fixed in 13.6.12≥ 13.7.3, < 13.9.02025-12-02
CVE-2025-59694 [MEDIUM] CWE-1274 CVE-2025-59694: The Chassis Management Board in Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13. The Chassis Management Board in Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allows a physically proximate attacker to persistently modify firmware and influence the (insecurely configured) appliance boot process. To exploit this, the attacker must modify the firmware via JTAG or perform an upgrade to the chass
nvd
CVE-2025-59698P4MEDIUMCVSS 6.8fixed in 13.6.12≥ 13.7, < 13.9.02025-12-02
CVE-2025-59698 [MEDIUM] CWE-1270 CVE-2025-59698: Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, might allow a phy Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, might allow a physically proximate attacker to gain access to the EOL legacy bootloader.
nvd
CVE-2025-59705P4MEDIUMCVSS 6.8fixed in 13.6.12≥ 13.7, < 13.9.02025-12-02
CVE-2025-59705 [MEDIUM] CWE-269 CVE-2025-59705: Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a Physicall Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a Physically Proximate Attacker to Escalate Privileges by enabling the USB interface through chassis probe insertion during system boot, aka "Unauthorized Reactivation of the USB interface" or F01.
nvd
CVE-2025-59704P4MEDIUMCVSS 4.6fixed in 13.6.12≥ 13.7, < 13.9.02025-12-02
CVE-2025-59704 [MEDIUM] CWE-287 CVE-2025-59704: Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow an attacker Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow an attacker to gain access the the BIOS menu because is has no password.
nvd
CVE-2025-59701P4MEDIUMCVSS 4.1fixed in 13.6.12≥ 13.7, < 13.9.02025-12-02
CVE-2025-59701 [MEDIUM] CWE-312 CVE-2025-59701: Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a physicall Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a physically proximate attacker (with elevated privileges) to read and modify the Appliance SSD contents (because they are unencrypted).
nvd
CVE-2025-59700P4LOWCVSS 3.9fixed in 13.6.12≥ 13.7, < 13.9.02025-12-02
CVE-2025-59700 [LOW] CWE-345 CVE-2025-59700: Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a physicall Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a physically proximate attacker with root access to modify the Recovery Partition (because of a lack of integrity protection).
nvd
CVE-2025-59696P4LOWCVSS 3.2fixed in 13.6.12≥ 13.7, < 13.9.02025-12-02
CVE-2025-59696 [LOW] CWE-1263 CVE-2025-59696: Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a physicall Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a physically proximate attacker to modify or erase tamper events via the Chassis management board.
nvd
Entrust Nshield 5C Firmware vulnerabilities | cvebase