CVE-2025-59700
LOWDescription
Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a physically proximate attacker with root access to modify the Recovery Partition (because of a lack of integrity protection).
CVSS v3.1 Score
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| entrust | nshield_5c_firmware |
| entrust | nshield_5c_firmware |
| entrust | nshield_5c |
| entrust | nshield_hsmi_firmware |
| entrust | nshield_hsmi_firmware |
| entrust | nshield_hsmi |
| entrust | nshield_connect_xc_base_firmware |
| entrust | nshield_connect_xc_base_firmware |
| entrust | nshield_connect_xc_base |
| entrust | nshield_connect_xc_mid_firmware |
| entrust | nshield_connect_xc_mid_firmware |
| entrust | nshield_connect_xc_mid |
| entrust | nshield_connect_xc_high_firmware |
| entrust | nshield_connect_xc_high_firmware |
| entrust | nshield_connect_xc_high |
References
Frequently Asked Questions
What is CVE-2025-59700? +
How severe is CVE-2025-59700? +
What products are affected by CVE-2025-59700? +
How do I check if I'm vulnerable to CVE-2025-59700? +
Related Vulnerabilities
go-git is an extensible git implementation library written in pure Go. Prior to 5.19.0 and 6.0.0-alpha.3, go-git may parse malformed …
Roadiz is a polymorphic content management system based on a node system. Prior to versions 2.3.43, 2.5.45, 2.6.31, and 2.7.18, …
Kavita is a cross platform reading server. Prior to 0.9.0.2, an Improper Token validation flaw permits a remote and unauthenticated …
stats is a macOS system monitor in for the menu bar. The Stats application is vulnerable to a local privilege …
Hickory DNS is a Rust based DNS client, server, and resolver. A vulnerability present starting in version 0.8.0 and prior …
RISC Zero is a general computing platform based on zk-STARKs and the RISC-V microarchitecture. Due to a missing constraint in …