Vulnerability Details CVE-2025-59699
Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a physically proximate attacker to escalate privileges by booting from a USB device with a valid root filesystem. This occurs because of insecure default settings in the Legacy GRUB Bootloader.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 5.2%
CVSS Severity
CVSS v3 Score 6.8
References
Products affected by CVE-2025-59699
-
cpe:2.3:h:entrust:nshield_5c:-
-
cpe:2.3:h:entrust:nshield_connect_xc_base:-
-
cpe:2.3:h:entrust:nshield_connect_xc_high:-
-
cpe:2.3:h:entrust:nshield_connect_xc_mid:-
-
cpe:2.3:h:entrust:nshield_hsmi:-
-
cpe:2.3:o:entrust:nshield_5c_firmware:*
-
cpe:2.3:o:entrust:nshield_connect_xc_base_firmware:*
-
cpe:2.3:o:entrust:nshield_connect_xc_high_firmware:*
-
cpe:2.3:o:entrust:nshield_connect_xc_mid_firmware:*
-
cpe:2.3:o:entrust:nshield_hsmi_firmware:*