Vulnerability Description
Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a physically proximate attacker with elevated privileges to falsify tamper events by accessing internal components.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Entrust | Nshield 5C Firmware | < 13.6.12 |
| Entrust | Nshield 5C | - |
| Entrust | Nshield Hsmi Firmware | < 13.6.12 |
| Entrust | Nshield Hsmi | - |
| Entrust | Nshield Connect Xc Base Firmware | < 13.6.12 |
| Entrust | Nshield Connect Xc Base | - |
| Entrust | Nshield Connect Xc Mid Firmware | < 13.6.12 |
| Entrust | Nshield Connect Xc Mid | - |
| Entrust | Nshield Connect Xc High Firmware | < 13.6.12 |
| Entrust | Nshield Connect Xc High | - |
Related Weaknesses (CWE)
References
- https://github.com/google/security-research/security/advisories/GHSA-6q4x-m86j-gExploitThird Party Advisory
- https://www.entrust.com/use-case/why-use-an-hsmProduct
- https://github.com/google/security-research/security/advisories/GHSA-6q4x-m86j-gExploitThird Party Advisory
FAQ
What is CVE-2025-59702?
CVE-2025-59702 is a vulnerability with a CVSS score of 7.2 (HIGH). Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a physically proximate attacker with elevated privileges to falsify tamper events by accessing internal compone...
How severe is CVE-2025-59702?
CVE-2025-59702 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2025-59702?
Check the references section above for vendor advisories and patch information. Affected products include: Entrust Nshield 5C Firmware, Entrust Nshield 5C, Entrust Nshield Hsmi Firmware, Entrust Nshield Hsmi, Entrust Nshield Connect Xc Base Firmware.