MidnightBSD

Advisories for entrust

CVE-2001-0853 MEDIUM

Directory traversal vulnerability in Entrust GetAccess allows remote attackers to read arbitrary files via a .. (dot dot) in the locale parameter to (1) helpwin.gas.bat or (2) AboutBox.gas.bat.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
entrust getaccess all_versions
CVE-2001-1024 HIGH

login.gas.bat and other CGI scripts in Entrust getAccess allow remote attackers to execute Java programs, and possibly arbitrary commands, by specifying an alternate -classpath argument.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
entrust getaccess *
CVE-2002-0712 LOW

Entrust Authority Security Manager (EASM) 6.0 does not properly require multiple master users to change the password of a master user, which could allow a master user to perform operations that require multiple authorizations.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
entrust entrust_authority_security_manager 5.0
entrust entrust_authority_security_manager 6.0
CVE-2004-0369 HIGH

Buffer overflow in Entrust LibKmp ISAKMP library, as used by Symantec Enterprise Firewall 7.0 through 8.0, Gateway Security 5300 1.0, Gateway Security 5400 2.0, and VelociRaptor 1.5, allows remote attackers to execute arbitrary code via a crafted ISAKMP payload.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
symantec enterprise_firewall 8.0
symantec gateway_security_5300 1.0
entrust entrust_libkmp_isakmp_library *
symantec velociraptor 1.5
symantec enterprise_firewall 7.0.4
symantec enterprise_firewall 7.0
symantec gateway_security_5400 2.0
CVE-2025-59693

The Chassis Management Board in Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allows a physically proximate attacker to obtain debug access and escalate privileges by bypassing the tamper label and opening the chassis without leaving evidence, and accessing the JTAG connector. This is called F02.

Products Affected

Vendor Product Version
entrust nshield_connect_xc_mid_firmware *
entrust nshield_connect_xc_base_firmware *
entrust nshield_connect_xc_high_firmware *
entrust nshield_5c_firmware *
entrust nshield_hsmi_firmware *
CVE-2025-59694

The Chassis Management Board in Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allows a physically proximate attacker to persistently modify firmware and influence the (insecurely configured) appliance boot process. To exploit this, the attacker must modify the firmware via JTAG or perform an upgrade to the chassis management board firmware. This is called F03.

Products Affected

Vendor Product Version
entrust nshield_connect_xc_mid_firmware *
entrust nshield_connect_xc_base_firmware *
entrust nshield_connect_xc_high_firmware *
entrust nshield_5c_firmware *
entrust nshield_hsmi_firmware *
CVE-2025-59695

Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a user with OS root access to alter firmware on the Chassis Management Board (without Authentication). This is called F04.

Products Affected

Vendor Product Version
entrust nshield_connect_xc_mid_firmware *
entrust nshield_connect_xc_base_firmware *
entrust nshield_connect_xc_high_firmware *
entrust nshield_5c_firmware *
entrust nshield_hsmi_firmware *
CVE-2025-59696

Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a physically proximate attacker to modify or erase tamper events via the Chassis management board.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 3.2 LOW CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N 0.7 2.5

Products Affected

Vendor Product Version
entrust nshield_connect_xc_mid_firmware *
entrust nshield_connect_xc_base_firmware *
entrust nshield_connect_xc_high_firmware *
entrust nshield_5c_firmware *
entrust nshield_hsmi_firmware *
CVE-2025-59697

Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a physically proximate attacker to escalate privileges by editing the Legacy GRUB bootloader configuration to start a root shell upon boot of the host OS. This is called F06.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 7.2 HIGH CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H 0.5 6.0

Products Affected

Vendor Product Version
entrust nshield_connect_xc_mid_firmware *
entrust nshield_connect_xc_base_firmware *
entrust nshield_connect_xc_high_firmware *
entrust nshield_5c_firmware *
entrust nshield_hsmi_firmware *
CVE-2025-59698

Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, might allow a physically proximate attacker to gain access to the EOL legacy bootloader.

Products Affected

Vendor Product Version
entrust nshield_connect_xc_mid_firmware *
entrust nshield_connect_xc_base_firmware *
entrust nshield_connect_xc_high_firmware *
entrust nshield_5c_firmware *
entrust nshield_hsmi_firmware *
CVE-2025-59699

Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a physically proximate attacker to escalate privileges by booting from a USB device with a valid root filesystem. This occurs because of insecure default settings in the Legacy GRUB Bootloader.

Products Affected

Vendor Product Version
entrust nshield_connect_xc_mid_firmware *
entrust nshield_connect_xc_base_firmware *
entrust nshield_connect_xc_high_firmware *
entrust nshield_5c_firmware *
entrust nshield_hsmi_firmware *
CVE-2025-59700

Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a physically proximate attacker with root access to modify the Recovery Partition (because of a lack of integrity protection).

Products Affected

Vendor Product Version
entrust nshield_connect_xc_mid_firmware *
entrust nshield_connect_xc_base_firmware *
entrust nshield_connect_xc_high_firmware *
entrust nshield_5c_firmware *
entrust nshield_hsmi_firmware *
CVE-2025-59701

Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a physically proximate attacker (with elevated privileges) to read and modify the Appliance SSD contents (because they are unencrypted).

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 4.1 MEDIUM CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L 0.7 3.4

Products Affected

Vendor Product Version
entrust nshield_connect_xc_mid_firmware *
entrust nshield_connect_xc_base_firmware *
entrust nshield_connect_xc_high_firmware *
entrust nshield_5c_firmware *
entrust nshield_hsmi_firmware *
CVE-2025-59702

Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a physically proximate attacker with elevated privileges to falsify tamper events by accessing internal components.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 7.2 HIGH CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H 0.5 6.0

Products Affected

Vendor Product Version
entrust nshield_connect_xc_mid_firmware *
entrust nshield_connect_xc_base_firmware *
entrust nshield_connect_xc_high_firmware *
entrust nshield_5c_firmware *
entrust nshield_hsmi_firmware *
CVE-2025-59703

Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a Physically Proximate Attacker to access the internal components of the appliance, without leaving tamper evidence. To exploit this, the attacker needs to remove the tamper label and all fixing screws from the device without damaging it. This is called an F14 attack.

Products Affected

Vendor Product Version
entrust nshield_connect_xc_mid_firmware *
entrust nshield_connect_xc_base_firmware *
entrust nshield_connect_xc_high_firmware *
entrust nshield_5c_firmware *
entrust nshield_hsmi_firmware *
CVE-2025-59704

Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow an attacker to gain access the the BIOS menu because is has no password.

Products Affected

Vendor Product Version
entrust nshield_connect_xc_mid_firmware *
entrust nshield_connect_xc_base_firmware *
entrust nshield_connect_xc_high_firmware *
entrust nshield_5c_firmware *
entrust nshield_hsmi_firmware *
CVE-2025-59705

Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a Physically Proximate Attacker to Escalate Privileges by enabling the USB interface through chassis probe insertion during system boot, aka "Unauthorized Reactivation of the USB interface" or F01.

Products Affected

Vendor Product Version
entrust nshield_connect_xc_mid_firmware *
entrust nshield_connect_xc_base_firmware *
entrust nshield_connect_xc_high_firmware *
entrust nshield_5c_firmware *
entrust nshield_hsmi_firmware *