Entrust nShield Connect XC
Moderate fix2 remedies
cpe:2.3:o:thalesesecurity:nshield_connect_firmware:*:*:*:*:*:*:*
Moderate fix2 remedies
- 12.80.4-274-813026a
Entrust nShield Products Unauthenticated Firmware Modification Vulnerability on Chassis Management Board
Vulnerability
Patched
A vulnerability exists in Entrust nShield Connect XC, nShield 5c, and nShield HSMi, all through version 13.6.11 or 13.7. This vulnerability allows a user with root access to the operating system to modify the firmware on the Chassis Management Board without authentication. The issue is categorized as F04.
Impact
Exploitation of this vulnerability allows for unauthorized firmware modifications on the Chassis Management Board, potentially leading to persistent and undetectable compromises of the affected hardware security module (HSM) appliance.
Reproduction
The vulnerability can be reproduced by gaining root access to the nShield appliance. Once root access is obtained, the 'cosmoupgrade' command can be used to upload modified firmware to the Cosmo board, bypassing any authentication requirements. This unverified firmware upgrade can be done remotely, taking advantage of the lack of secure boot protections.
Remediation
Users can upgrade to Entrust nShield versions 13.6.12 or 13.9.0 to address this vulnerability.
Added: Dec 2, 2025, 3:26 PM
Updated: Dec 2, 2025, 5:36 PM
Vulnerability Rating
Custom Algorithm
spread
0.3impact
2.5exploitability
3.0remediation
7.7relevance
1.3threat
6.4urgency
2.9incentive
1.7Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.