CVE-2025-59695

moderate-risk

Published 2025-12-02

Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a user with OS root access to alter firmware on the Chassis Management Board (without Authentication). This is called F04.

Do I need to act?

0.14% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 9.8/10 Critical

NETWORK / LOW complexity

Affected Products (5)

Nshield 5C Firmware

Nshield Hsmi Firmware

Nshield Connect Xc Base Firmware

Nshield Connect Xc Mid Firmware

Nshield Connect Xc High Firmware

Affected Vendors

Entrust

References (2)

Exploit https://github.com/google/security-research/security/advisories/GHSA-6q4x-m86j-g...

Product https://www.entrust.com/use-case/why-use-an-hsm

/ 100

moderate-risk

Severity 32/34 · Critical

Exploitability 1/34 · Minimal

Exposure 12/34 · Low