How to fix CVE-2025-59693?

Within 24 hours: Inventory all affected nShield HSM models (Connect XC, 5c, HSMi through versions 13.6.11 or 13.7) and assess physical access controls to equipment locations. Within 7 days: Implement enhanced physical security measures including surveillance, access logs, and tamper detection monitoring; contact Entrust for patch availability and timeline. Within 30 days: Develop and execute a remediation plan including hardware replacement or relocation to physically secured facilities with restricted access protocols.

Is Nshield Connect Xc Base Firmware affected by CVE-2025-59693?

Entrust nShield hardware security modules (HSMs) contain a critical vulnerability allowing physically proximate attackers to bypass security controls and gain administrative access without detection.

CVE-2025-59693

EUVD-2025-200261 CRITICAL

2025-12-02 [email protected]

9.8

CVSS 3.1

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

Analysis Generated

Mar 15, 2026 - 14:04 vuln.today

EUVD ID Assigned

Mar 15, 2026 - 14:04 euvd

EUVD-2025-200261

PoC Detected

Dec 15, 2025 - 13:41 vuln.today

Public exploit code

CVE Published

Dec 02, 2025 - 15:15 nvd

CRITICAL 9.8

Description

The Chassis Management Board in Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allows a physically proximate attacker to obtain debug access and escalate privileges by bypassing the tamper label and opening the chassis without leaving evidence, and accessing the JTAG connector. This is called F02.

Analysis

Technical Context

Privilege escalation allows a low-privileged user or process to gain elevated permissions beyond what was originally authorized. This vulnerability is classified as Improper Privilege Management (CWE-269).

Affected Products

Affected products: Entrust Nshield 5C Firmware, Entrust Nshield Hsmi Firmware, Entrust Nshield Connect Xc Base Firmware

Remediation

Apply the principle of least privilege. Keep systems patched. Monitor for suspicious privilege changes. Use mandatory access controls (SELinux, AppArmor).

Priority Score

Low Medium High Critical

KEV: 0

EPSS: +0.1

CVSS: +49

POC: +20

CVE-2025-59693 vulnerability details – vuln.today

Back

CVE-2025-59693

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Technical Context

Affected Products

Remediation

Priority Score

Share

CVE-2025-59693

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Technical Context

Affected Products

Remediation

Priority Score

Share

External POC / Exploit Code