CNNVD-202512-217 Information
CNNVD ID
CNNVD-202512-217
Related CVE
- CNNVD Published: 2025-12-02
Description (Chinese)
Entrust nShield Connect XC是美国Entrust公司的一个网络连接型硬件安全模块。 Entrust nShield Connect XC存在安全漏洞,该漏洞源于物理邻近攻击者可在系统启动时通过插入机箱探针启用USB接口以提升权限。
Description (English)
Entrust nShield Connect XC is a network-connected hardware security module of Entrust, United States. Entrust nShield Connect XC has a security loophole, which stems from the fact that the physical proximity attacker can activate the USB interface by inserting an airbox probe at the time the system is activated.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Entrust
Published
2025-12-02
Last Modified
2026-02-24
References
https://www.entrust.com/use-case/why-use-an-hsm https://github.com/google/security-research/security/advisories/GHSA-6q4x-m86j-gfwj https://vigilance.fr/vulnerability/Entrust-nShield-Connect-XC-multiple-vulnerabilities-dated-02-12-2025-48940 https://access.redhat.com/security/cve/cve-2025-59705