CVE 9.8 CRITICAL

CVE-2025-59693_CVE-2025-59693

December 3, 2025 invoker category_cve

9.8 / 10

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Description

The Chassis Management Board in Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allows a physically proximate attacker to obtain debug access and escalate privileges by bypassing the tamper label and opening the chassis without leaving evidence, and accessing the JTAG connector. This is called F02.

AI Analysis

Privilege escalation vulnerability in Chassis Management Board of nShield products

Basic Information

ID CVE-2025-59693

Source mitre

Published Dec 2, 2025 at 00:00

Modified Dec 3, 2025 at 14:44

Affected Product

Vendor Entrust

Product nShield Connect XC, nShield 5c, nShield HSMi

Version 13.6.11, 13.7

Affected Versions n/a n/a n/a

CWE Classification

CWE-269

AI Assessment

AI Score 9.8 / 10

AI Severity Critical

Vendor Entrust

Product nShield Connect XC, nShield 5c, nShield HSMi

Version 13.6.11, 13.7

References

{
    "lastseen": "",
    "description": "The Chassis Management Board in Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allows a physically proximate attacker to obtain debug access and escalate privileges by bypassing the tamper label and opening the chassis without leaving evidence, and accessing the JTAG connector. This is called F02.",
    "published": "2025-12-02T00:00:00.000Z",
    "modified": "2025-12-03T14:44:09.572Z",
    "type": "cve",
    "title": "CVE-2025-59693",
    "source": "mitre",
    "references": "https://www.entrust.com/use-case/why-use-an-hsm\nhttps://github.com/google/security-research/security/advisories/GHSA-6q4x-m86j-gfwj",
    "id": "CVE-2025-59693",
    "bulletinFamily": "",
    "cwe": [
        "CWE-269"
    ],
    "cvelist": null,
    "sourceData": "n/a n/a n/a",
    "sourceHref": "",
    "cvss": {
        "score": 9.8,
        "severity": "CRITICAL",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "nShield Connect XC, nShield 5c, nShield HSMi",
    "version": "13.6.11, 13.7",
    "vendor": "Entrust",
    "ai_description": "Privilege escalation vulnerability in Chassis Management Board of nShield products",
    "ai_severity": "Critical",
    "ai_vendor": "Entrust",
    "ai_product": "nShield Connect XC, nShield 5c, nShield HSMi",
    "ai_version": "13.6.11, 13.7",
    "ai_score": 9.8
}

💭 Join the Security Discussion ❌ Cancel Reply