What is the CVSS score of CVE-2025-59703?

CVE-2025-59703 has a CVSS 3.1 base score of 9.1 (Critical). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N. EPSS exploitation probability: 0.0%.

Which versions of Nshield Connect Xc Base Firmware are affected by CVE-2025-59703?

Entrust HSM appliances (nShield Connect XC, nShield 5c, nShield HSMi up to versions 13.6.11/13.7) contain a critical physical tampering vulnerability allowing attackers with direct device access to…

Is there a public PoC exploit available for CVE-2025-59703?

Yes, a public proof-of-concept exploit is available for CVE-2025-59703. Prioritise patching immediately. EPSS: 0.0%.

How to fix or mitigate CVE-2025-59703?

Within 24 hours: Inventory all affected Entrust HSM models and versions in your environment; restrict physical access to HSM devices to authorized personnel only and implement continuous monitoring. Within 7 days: Contact Entrust support for patch timelines and interim guidance; assess whether devices are in physically secure locations (locked server rooms, cages) and document current access controls. Within 30 days: Develop a phased upgrade plan once patches are released; consider deploying additional environmental controls such as CCTV monitoring, access logs, and intrusion detection for HSM locations; evaluate whether key rotation or re-issuance is needed depending on your threat model and regulatory requirements.

Nshield Connect Xc Base Firmware CVE-2025-59703

EUVD-2025-200272 CRITICAL

Improper Access Control (CWE-284)

2025-12-02 cve@mitre.org

Authentication Bypass Nshield Connect Xc Base Firmware Nshield Hsmi Firmware Nshield 5c Firmware Nshield Connect Xc High Firmware Nshield Connect Xc Mid Firmware

9.1

CVSS 3.1 · NVD

Severity by source

NVD PRIMARY

9.1 CRITICAL

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

None

Lifecycle Timeline

EUVD ID Assigned

Mar 15, 2026 - 14:04 euvd

EUVD-2025-200272

Analysis Generated

Mar 15, 2026 - 14:04 vuln.today

PoC Detected

Dec 08, 2025 - 19:39 vuln.today

Public exploit code

CVE Published

Dec 02, 2025 - 16:15 nvd

CRITICAL 9.1

DescriptionCVE.org

Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a Physically Proximate Attacker to access the internal components of the appliance, without leaving tamper evidence. To exploit this, the attacker needs to remove the tamper label and all fixing screws from the device without damaging it. This is called an F14 attack.

Analysis

Technical ContextAI

This vulnerability is classified as Improper Access Control (CWE-284).

RemediationAI

Monitor vendor advisories for patches. Apply mitigations such as network segmentation, access restrictions, and monitoring.

CVE-2025-59703 vulnerability details – vuln.today

Back

Nshield Connect Xc Base Firmware CVE-2025-59703

Severity by source

CVSS VectorNVD

Lifecycle Timeline

DescriptionCVE.org

Analysis

Technical ContextAI

RemediationAI

Share

External POC / Exploit Code