Entrust: Security Vulnerabilities
Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a physically proximate attacker with elevated privileges to falsify tamper events by accessing internal components.
CVSS Score
7.2
EPSS Score
0.0
Published
2025-12-02
The Chassis Management Board in Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allows a physically proximate attacker to obtain debug access and escalate privileges by bypassing the tamper label and opening the chassis without leaving evidence, and accessing the JTAG connector. This is called F02.
CVSS Score
9.8
EPSS Score
0.001
Published
2025-12-02
The Chassis Management Board in Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allows a physically proximate attacker to persistently modify firmware and influence the (insecurely configured) appliance boot process. To exploit this, the attacker must modify the firmware via JTAG or perform an upgrade to the chassis management board firmware. This is called F03.
CVSS Score
6.8
EPSS Score
0.0
Published
2025-12-02
Entrust Entelligence Security Provider (ESP) 8 does not properly validate certificates in certain circumstances involving (1) a chain that omits the root Certification Authority (CA) certificate, or an application that specifies disregarding (2) unknown revocation statuses during path validation or (3) certain errors in the certification path, which might allow context-dependent attackers to spoof certificate authentication. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVSS Score
6.4
EPSS Score
0.002
Published
2007-08-29
Buffer overflow in Entrust LibKmp ISAKMP library, as used by Symantec Enterprise Firewall 7.0 through 8.0, Gateway Security 5300 1.0, Gateway Security 5400 2.0, and VelociRaptor 1.5, allows remote attackers to execute arbitrary code via a crafted ISAKMP payload.
CVSS Score
7.5
EPSS Score
0.085
Published
2004-12-31
Entrust Authority Security Manager (EASM) 6.0 does not properly require multiple master users to change the password of a master user, which could allow a master user to perform operations that require multiple authorizations.
CVSS Score
2.1
EPSS Score
0.002
Published
2004-02-03
Directory traversal vulnerability in Entrust GetAccess allows remote attackers to read arbitrary files via a .. (dot dot) in the locale parameter to (1) helpwin.gas.bat or (2) AboutBox.gas.bat.
CVSS Score
5.0
EPSS Score
0.039
Published
2001-12-06
login.gas.bat and other CGI scripts in Entrust getAccess allow remote attackers to execute Java programs, and possibly arbitrary commands, by specifying an alternate -classpath argument.
CVSS Score
7.5
EPSS Score
0.008
Published
2001-07-27
Page 2