Vulnerability Description
Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a physically proximate attacker (with elevated privileges) to read and modify the Appliance SSD contents (because they are unencrypted).
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Entrust | Nshield Connect Xc High Firmware | < 13.6.12 |
| Entrust | Nshield Connect Xc High | - |
| Entrust | Nshield Connect Xc Mid Firmware | < 13.6.12 |
| Entrust | Nshield Connect Xc Mid | - |
| Entrust | Nshield Connect Xc Base Firmware | < 13.6.12 |
| Entrust | Nshield Connect Xc Base | - |
| Entrust | Nshield Hsmi Firmware | < 13.6.12 |
| Entrust | Nshield Hsmi | - |
| Entrust | Nshield 5C Firmware | < 13.6.12 |
| Entrust | Nshield 5C | - |
Related Weaknesses (CWE)
References
- https://github.com/google/security-research/security/advisories/GHSA-6q4x-m86j-gExploitThird Party Advisory
- https://www.entrust.com/use-case/why-use-an-hsmProduct
FAQ
What is CVE-2025-59701?
CVE-2025-59701 is a vulnerability with a CVSS score of 4.1 (MEDIUM). Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a physically proximate attacker (with elevated privileges) to read and modify the Appliance SSD contents (becau...
How severe is CVE-2025-59701?
CVE-2025-59701 has been rated MEDIUM with a CVSS base score of 4.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2025-59701?
Check the references section above for vendor advisories and patch information. Affected products include: Entrust Nshield Connect Xc High Firmware, Entrust Nshield Connect Xc High, Entrust Nshield Connect Xc Mid Firmware, Entrust Nshield Connect Xc Mid, Entrust Nshield Connect Xc Base Firmware.