CNNVD-202512-225 Information
CNNVD ID
CNNVD-202512-225
Related CVE
- CNNVD Published: 2025-12-02
Description (Chinese)
Entrust nShield Connect XC是美国Entrust公司的一个网络连接型硬件安全模块。 Entrust nShield Connect XC存在安全漏洞,该漏洞源于具有OS root权限的用户可未经认证修改Chassis Management Board固件。
Description (English)
Entrust nShield Connect XC is a network-connected hardware security module of Entrust, United States. Entrust nShield Connect XC has a security loophole, which is the result of uncertified changes to the Chassis Management Board firmware by users with OS root privileges.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Entrust
Published
2025-12-02
Last Modified
2026-02-24
References
https://www.entrust.com/use-case/why-use-an-hsm https://github.com/google/security-research/security/advisories/GHSA-6q4x-m86j-gfwj https://vigilance.fr/vulnerability/Entrust-nShield-Connect-XC-multiple-vulnerabilities-dated-02-12-2025-48940 https://access.redhat.com/security/cve/cve-2025-59695