PT-2025-48703 · Entrust · Entrust Nshield Connect Xc+2

Published

2025-12-02

Updated

2025-12-03

CVE-2025-59702

CVSS v3.1

7.2

High

Vector

AV:P/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Entrust nShield Connect XC versions through 13.6.11 Entrust nShield 5c versions through 13.6.11 Entrust nShield HSMi versions through 13.6.11 Entrust nShield Connect XC version 13.7 Entrust nShield 5c version 13.7 Entrust nShield HSMi version 13.7

Description A physically proximate attacker with elevated privileges can falsify tamper events by accessing internal components.

Recommendations Update Entrust nShield Connect XC to a version later than 13.6.11 or 13.7. Update Entrust nShield 5c to a version later than 13.6.11 or 13.7. Update Entrust nShield HSMi to a version later than 13.6.11 or 13.7.

Exploit

Fix

Improper Access Control

Side Channel Attack

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-284CWE-203

Related Identifiers

CVE-2025-59702

GHSA-6Q4X-M86J-GFWJ

Affected Products

Entrust Nshield 5C

Entrust Nshield Connect Xc

Entrust Nshield Hsmi

PT-2025-48703 · Entrust · Entrust Nshield Connect Xc+2

CVE-2025-59702

Weakness Enumeration

Related Identifiers

Affected Products

References · 7