Vulnerability Details CVE-2025-59703
Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a Physically Proximate Attacker to access the internal components of the appliance, without leaving tamper evidence. To exploit this, the attacker needs to remove the tamper label and all fixing screws from the device without damaging it. This is called an F14 attack.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 10.8%
CVSS Severity
CVSS v3 Score 9.1
References
Products affected by CVE-2025-59703
-
cpe:2.3:h:entrust:nshield_5c:-
-
cpe:2.3:h:entrust:nshield_connect_xc_base:-
-
cpe:2.3:h:entrust:nshield_connect_xc_high:-
-
cpe:2.3:h:entrust:nshield_connect_xc_mid:-
-
cpe:2.3:h:entrust:nshield_hsmi:-
-
cpe:2.3:o:entrust:nshield_5c_firmware:*
-
cpe:2.3:o:entrust:nshield_connect_xc_base_firmware:*
-
cpe:2.3:o:entrust:nshield_connect_xc_high_firmware:*
-
cpe:2.3:o:entrust:nshield_connect_xc_mid_firmware:*
-
cpe:2.3:o:entrust:nshield_hsmi_firmware:*