CNNVD-202512-211 Information
CNNVD ID
CNNVD-202512-211
Related CVE
- CNNVD Published: 2025-12-02
Description (Chinese)
Entrust nShield Connect XC是美国Entrust公司的一个网络连接型硬件安全模块。 Entrust nShield Connect XC存在安全漏洞,该漏洞源于BIOS菜单无密码保护,可能导致攻击者访问BIOS菜单。
Description (English)
Entrust nShield Connect XC is a network-connected hardware security module of Entrust, United States. There is a security loophole in the Entrust nShield Connect XC, which stems from the fact that the BIOS menu is not password-protected and may cause the attackers to access the BIOS menu.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
Entrust
Published
2025-12-02
Last Modified
2026-02-24
References
https://www.entrust.com/use-case/why-use-an-hsm https://github.com/google/security-research/security/advisories/GHSA-6q4x-m86j-gfwj https://vigilance.fr/vulnerability/Entrust-nShield-Connect-XC-multiple-vulnerabilities-dated-02-12-2025-48940 https://access.redhat.com/security/cve/cve-2025-59704