CVE-2025-59699

Published: Dec 2, 2025

Modified: Dec 4, 2025

PUBLISHED

Description

Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a physically proximate attacker to escalate privileges by booting from a USB device with a valid root filesystem. This occurs because of insecure default settings in the Legacy GRUB Bootloader.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://www.entrust.com/use-case/why-use-an-hsm

https://github.com/google/security-research/security/advisories/GHSA-6q4x-m86j-gfwj

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2025-59699

Description

Affected Products

References