CNNVD-202512-221 Information

CNNVD ID

CNNVD-202512-221

Related CVE

CVE-2025-59699

• CNNVD Published: 2025-12-02

Description (Chinese)

Entrust nShield Connect XC是美国Entrust公司的一个网络连接型硬件安全模块。 Entrust nShield Connect XC存在安全漏洞，该漏洞源于物理邻近攻击者可从USB设备启动以提升权限。

Description (English)

Entrust nShield Connect XC is a network-connected hardware security module of Entrust, United States. There is a security loophole in the Entrust nShield Connect XC, which stems from the fact that physical proximity attackers can be activated from USB equipment to enhance their access.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Entrust

Published

2025-12-02

Last Modified

2026-02-24

References

https://www.entrust.com/use-case/why-use-an-hsm https://github.com/google/security-research/security/advisories/GHSA-6q4x-m86j-gfwj https://vigilance.fr/vulnerability/Entrust-nShield-Connect-XC-multiple-vulnerabilities-dated-02-12-2025-48940 https://access.redhat.com/security/cve/cve-2025-59699

Patch

https://www.entrust.com/