Overview CVE-2025-59701 describes a security vulnerability affecting Entrust nShield Connect XC, nShield 5c, and nShield HSMi devices through versions 13.6.11 and 13.7. This vulnerability allows a physically proximate attacker with elevated privileges to read and potentially modify the contents of the Appliance SSD. The root cause of this vulnerability is that the data stored on the SSD is not encrypted. Technical Details The vulnerability stems from the lack of encryption on the Appliance SSD within the affected Entrust nShield HSMs. An attacker with physical access to the device and possessing sufficient privileges to access the internal components can directly read…
-
-
Overview CVE-2025-59700 describes a vulnerability affecting Entrust nShield Connect XC, nShield 5c, and nShield HSMi devices through version 13.6.11, or 13.7. The vulnerability allows a physically proximate attacker with root access to the device to modify the Recovery Partition due to a lack of integrity protection. This means an attacker with physical access and root privileges on the HSM could potentially compromise the device’s security by manipulating the recovery mechanisms. Technical Details The core issue lies in the absence of integrity protection mechanisms for the Recovery Partition within the affected Entrust nShield HSMs. An attacker who has already obtained root…
-
Overview CVE-2025-59699 describes a security vulnerability in Entrust nShield Connect XC, nShield 5c, and nShield HSMi devices through version 13.6.11, or 13.7. This flaw allows a physically proximate attacker with access to the HSM to escalate privileges to root by booting the device from a USB drive containing a valid root filesystem. The vulnerability stems from insecure default settings in the Legacy GRUB Bootloader configuration. Technical Details The core issue resides in the default configuration of the Legacy GRUB bootloader used by the affected Entrust nShield HSMs. The default configuration permits booting from external media, specifically USB drives. An attacker…
-
Overview CVE-2025-59698 describes a potential security vulnerability affecting Entrust nShield Connect XC, nShield 5c, and nShield HSMi hardware security modules (HSMs) through version 13.6.11, or 13.7. The vulnerability could allow an attacker with physical proximity to the device to gain access to the End-of-Life (EOL) legacy bootloader. This access could potentially be leveraged for unauthorized actions depending on the bootloader’s capabilities and the HSM’s configuration. Technical Details The core of this vulnerability lies in the accessibility of the legacy bootloader in older versions of Entrust nShield HSMs. While HSMs are designed with multiple layers of security, including tamper-resistant enclosures and…
-
Overview CVE-2025-59697 describes a security vulnerability affecting Entrust nShield Connect XC, nShield 5c, and nShield HSMi devices through version 13.6.11, and 13.7. This vulnerability, identified as F06, allows a physically proximate attacker to escalate privileges. The attacker can achieve this by editing the Legacy GRUB bootloader configuration to initiate a root shell upon booting the host operating system. Technical Details The vulnerability stems from insufficient protection of the Legacy GRUB bootloader configuration on the affected Entrust nShield HSMs. A physically proximate attacker with access to the HSM’s console can modify the GRUB configuration to add parameters that initiate a root…
-
Overview CVE-2025-59696 describes a security vulnerability affecting Entrust nShield Connect XC, nShield 5c, and nShield HSMi devices. Specifically, versions up to and including 13.6.11, or 13.7, are susceptible to a physical attack where a proximate attacker can modify or erase tamper events through the Chassis management board. This could severely compromise the integrity of the HSM and the sensitive data it protects. This article provides a detailed analysis of this vulnerability, its potential impact, and recommended mitigation strategies. Technical Details The vulnerability lies in the accessibility and insufficient protection of the Chassis management board within the affected Entrust nShield HSMs.…
-
Overview CVE-2025-59695 describes a security vulnerability affecting Entrust nShield Connect XC, nShield 5c, and nShield HSMi devices running firmware versions up to and including 13.6.11, or 13.7. This vulnerability, identified as F04, allows a user with operating system (OS) root access to alter the firmware on the Chassis Management Board (CMB) without proper authentication. This unauthorized firmware modification can lead to severe security breaches. Technical Details The vulnerability resides in the mechanism used to update the firmware on the Chassis Management Board (CMB). With OS root access on the affected nShield HSM, an attacker can bypass the intended authentication controls…
-
Overview CVE-2025-59694 is a security vulnerability affecting the Chassis Management Board in Entrust nShield Connect XC, nShield 5c, and nShield HSMi devices. This vulnerability, dubbed F03 by some researchers, allows a physically proximate attacker to persistently modify firmware and influence the appliance’s boot process. Successful exploitation requires physical access to the device and the ability to modify firmware either via JTAG or by performing a malicious upgrade to the chassis management board firmware. Technical Details The vulnerability stems from an insecure configuration within the Chassis Management Board’s boot process. An attacker with physical access can leverage JTAG debugging interfaces or…
-
Overview CVE-2025-13876 is a medium severity security vulnerability affecting the Rareprob HD Video Player All Formats App version 12.1.372 on Android. This vulnerability allows a local attacker to perform path traversal, potentially leading to unauthorized file access or manipulation. The vendor was notified but has not responded. The exploit for this vulnerability is publicly available, increasing the risk of exploitation. Technical Details The vulnerability resides within an unknown function of the com.rocks.music.videoplayer component of the Rareprob HD Video Player All Formats App. By manipulating input, an attacker can bypass intended security restrictions and traverse the file system. The specific attack…
-
Overview CVE-2025-13875 details a path traversal vulnerability found in Yohann0617’s oci-helper, specifically versions up to 3.2.4. This medium-severity flaw resides within the addCfg function of the OciServiceImpl.java file, which is part of the OCI Configuration Upload component. An attacker can exploit this vulnerability to read arbitrary files on the server by manipulating the File argument. This issue can be exploited remotely. Technical Details The vulnerability exists because the addCfg function in src/main/java/com/yohann/ocihelper/service/impl/OciServiceImpl.java doesn’t properly sanitize the input provided through the File argument. An attacker can inject path traversal sequences (e.g., ../) within the filename to navigate outside the intended directory…