What is the CVSS score of CVE-2025-59693?

CVE-2025-59693 has a CVSS 3.1 base score of 9.8 (Critical). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H. EPSS exploitation probability: 0.1%.

Which versions of Nshield Connect Xc Base Firmware are affected by CVE-2025-59693?

Entrust nShield hardware security modules (HSMs) contain a critical vulnerability allowing physically proximate attackers to bypass security controls and gain administrative access without detection.

Is there a public PoC exploit available for CVE-2025-59693?

Yes, a public proof-of-concept exploit is available for CVE-2025-59693. Prioritise patching immediately. EPSS: 0.1%.

How to fix or mitigate CVE-2025-59693?

Within 24 hours: Inventory all affected nShield HSM models (Connect XC, 5c, HSMi through versions 13.6.11 or 13.7) and assess physical access controls to equipment locations. Within 7 days: Implement enhanced physical security measures including surveillance, access logs, and tamper detection monitoring; contact Entrust for patch availability and timeline. Within 30 days: Develop and execute a remediation plan including hardware replacement or relocation to physically secured facilities with restricted access protocols.

Nshield Connect Xc Base Firmware CVE-2025-59693

EUVD-2025-200261 CRITICAL

Improper Privilege Management (CWE-269)

2025-12-02 cve@mitre.org

Privilege Escalation Nshield Connect Xc Base Firmware Nshield 5c Firmware Nshield Connect Xc Mid Firmware Nshield Hsmi Firmware Nshield Connect Xc High Firmware

9.8

CVSS 3.1 · NVD

Severity by source

NVD PRIMARY

9.8 CRITICAL

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

EUVD ID Assigned

Mar 15, 2026 - 14:04 euvd

EUVD-2025-200261

Analysis Generated

Mar 15, 2026 - 14:04 vuln.today

PoC Detected

Dec 15, 2025 - 13:41 vuln.today

Public exploit code

CVE Published

Dec 02, 2025 - 15:15 nvd

CRITICAL 9.8

DescriptionCVE.org

The Chassis Management Board in Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allows a physically proximate attacker to obtain debug access and escalate privileges by bypassing the tamper label and opening the chassis without leaving evidence, and accessing the JTAG connector. This is called F02.

Analysis

Technical ContextAI

Privilege escalation allows a low-privileged user or process to gain elevated permissions beyond what was originally authorized. This vulnerability is classified as Improper Privilege Management (CWE-269).

RemediationAI

Apply the principle of least privilege. Keep systems patched. Monitor for suspicious privilege changes. Use mandatory access controls (SELinux, AppArmor).

CVE-2025-59693 vulnerability details – vuln.today

Back

Nshield Connect Xc Base Firmware CVE-2025-59693

Severity by source

CVSS VectorNVD

Lifecycle Timeline

DescriptionCVE.org

Analysis

Technical ContextAI

RemediationAI

Share

External POC / Exploit Code