CVE-2025-59693
Last modified
CVE-2025-59693 is a critical-severity vulnerability rated 9.8/10 on the CVSS scale. The Chassis Management Board in Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allows a physically proximate attacker to obtain debug access and escalate privileges by bypassing the tamper label and opening the chassis without leaving evidence, and accessing the JTAG connector. This is called F02.. EPSS estimates a 0.66% chance of exploitation in the next 30 days.
Description
The Chassis Management Board in Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allows a physically proximate attacker to obtain debug access and escalate privileges by bypassing the tamper label and opening the chassis without leaving evidence, and accessing the JTAG connector. This is called F02.
Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Entrust | Nshield 5c Firmware | < 13.6.12 |
| Entrust | Nshield 5c Firmware | >= 13.7.3, < 13.9.0 |
| Entrust | Nshield Hsmi Firmware | < 13.6.12 |
| Entrust | Nshield Hsmi Firmware | >= 13.7.3, < 13.9.0 |
| Entrust | Nshield Connect Xc Base Firmware | < 13.6.12 |
| Entrust | Nshield Connect Xc Base Firmware | >= 13.7.3, < 13.9.0 |
| Entrust | Nshield Connect Xc Mid Firmware | < 13.6.12 |
| Entrust | Nshield Connect Xc Mid Firmware | >= 13.7.3, < 13.9.0 |
| Entrust | Nshield Connect Xc High Firmware | < 13.6.12 |
| Entrust | Nshield Connect Xc High Firmware | >= 13.7.3, < 13.9.0 |
References
- https://github.com/google/security-research/security/advisories/GHSA-6q4x-m86j-gfwjExploit, Third Party Advisory
Timeline
- Published
- Last Modified
- Status
- Analyzed
Frequently Asked Questions
What is CVE-2025-59693?
How severe is CVE-2025-59693?
How do I fix CVE-2025-59693?
Are you affected by CVE-2025-59693?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST