CVE 9.8 CRITICAL

CVE-2025-59695_CVE-2025-59695

December 4, 2025 invoker category_cve

9.8 / 10

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Description

Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a user with OS root access to alter firmware on the Chassis Management Board (without Authentication). This is called F04.

AI Analysis

Unauthenticated firmware alteration vulnerability on the Chassis Management Board

Basic Information

ID CVE-2025-59695

Source mitre

Published Dec 2, 2025 at 00:00

Modified Dec 4, 2025 at 17:54

Affected Product

Vendor Entrust

Product nShield Connect XC, nShield 5c, nShield HSMi

Version 13.6.11, 13.7

Affected Versions n/a n/a n/a

CWE Classification

CWE-306

AI Assessment

AI Score 9.8 / 10

AI Severity Critical

Vendor Entrust

Product nShield Connect XC, nShield 5c, nShield HSMi

Version 13.6.11, 13.7

References

{
    "lastseen": "",
    "description": "Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a user with OS root access to alter firmware on the Chassis Management Board (without Authentication). This is called F04.",
    "published": "2025-12-02T00:00:00.000Z",
    "modified": "2025-12-04T17:54:55.437Z",
    "type": "cve",
    "title": "CVE-2025-59695",
    "source": "mitre",
    "references": "https://www.entrust.com/use-case/why-use-an-hsm\nhttps://github.com/google/security-research/security/advisories/GHSA-6q4x-m86j-gfwj",
    "id": "CVE-2025-59695",
    "bulletinFamily": "",
    "cwe": [
        "CWE-306"
    ],
    "cvelist": null,
    "sourceData": "n/a n/a n/a",
    "sourceHref": "",
    "cvss": {
        "score": 9.8,
        "severity": "CRITICAL",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "nShield Connect XC, nShield 5c, nShield HSMi",
    "version": "13.6.11, 13.7",
    "vendor": "Entrust",
    "ai_description": "Unauthenticated firmware alteration vulnerability on the Chassis Management Board",
    "ai_severity": "Critical",
    "ai_vendor": "Entrust",
    "ai_product": "nShield Connect XC, nShield 5c, nShield HSMi",
    "ai_version": "13.6.11, 13.7",
    "ai_score": 9.8
}

💭 Join the Security Discussion ❌ Cancel Reply