CNNVD-202512-223 Information
CNNVD ID
CNNVD-202512-223
Related CVE
- CNNVD Published: 2025-12-02
Description (Chinese)
Entrust nShield Connect XC是美国Entrust公司的一个网络连接型硬件安全模块。 Entrust nShield Connect XC存在安全漏洞,该漏洞源于物理邻近攻击者可编辑Legacy GRUB启动配置以获取root shell。
Description (English)
Entrust nShield Connect XC is a network-connected hardware security module of Entrust, United States. Entrust nShield Connect XC has a security loophole, which stems from the fact that the physical proximity attacker can edit the Legacy GRUB startup configuration to get root shell.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Entrust
Published
2025-12-02
Last Modified
2026-02-24
References
https://www.entrust.com/use-case/why-use-an-hsm https://github.com/google/security-research/security/advisories/GHSA-6q4x-m86j-gfwj https://vigilance.fr/vulnerability/Entrust-nShield-Connect-XC-multiple-vulnerabilities-dated-02-12-2025-48940 https://access.redhat.com/security/cve/cve-2025-59697