Unrated severityNVD Advisory· Published Dec 2, 2025· Updated Dec 3, 2025

CVE-2025-59694

Description

The Chassis Management Board in Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allows a physically proximate attacker to persistently modify firmware and influence the (insecurely configured) appliance boot process. To exploit this, the attacker must modify the firmware via JTAG or perform an upgrade to the chassis management board firmware. This is called F03.

Affected products

Entrust/nShield Connect XC, nShield 5c, and nShield HSMidescription
Entrust/nShield Connect XCllm-fuzzy
Range: <=13.6.11, =13.7
Entrust/nShield 5cllm-fuzzy
Range: <=13.6.11, =13.7
Entrust/nShield HSMillm-fuzzy
Range: <=13.6.11, =13.7

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

github.com/google/security-research/security/advisories/GHSA-6q4x-m86j-gfwjmitre
www.entrust.com/use-case/why-use-an-hsmmitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000