CVE-2025-59704 is a vulnerability in Entrust nShield hardware security modules (HSMs), specifically the Connect XC, 5c, and HSMi models up to firmware versions 13.6.11 and 13.7. The root cause is the absence of password protection on the BIOS menu, which allows an attacker with physical access to enter the BIOS setup without authentication. HSMs are critical devices used to securely generate, store, and manage cryptographic keys and perform sensitive cryptographic operations. Access to the BIOS can allow an attacker to alter device configurations, disable security features, or install malicious firmware, leading to full compromise of the HSM’s security guarantees. The vulnerability is classified under CWE-287 (Improper Authentication) and has a CVSS 3.1 base score of 7.8, indicating high severity. The attack vector is local (AV:L), with low attack complexity (AC:L), no privileges required (PR:N), but requires user interaction (UI:R). The scope is unchanged (S:U), but the impact on confidentiality, integrity, and availability is high (C:H/I:H/A:H). No public exploits are currently known. The vulnerability was reserved in September 2025 and published in December 2025. No patches or firmware updates are listed yet, so mitigation relies on physical security controls and configuration hardening. Given the critical role of HSMs in securing cryptographic keys for authentication, encryption, and digital signatures, exploitation could have severe downstream effects on data protection and trustworthiness of systems relying on these devices.

For European organizations, the impact of this vulnerability is significant due to the widespread use of Entrust nShield HSMs in sectors such as banking, government, telecommunications, and critical infrastructure. Compromise of an HSM can lead to exposure or theft of cryptographic keys, enabling attackers to decrypt sensitive communications, forge digital signatures, or bypass authentication mechanisms. This undermines data confidentiality, integrity, and availability across multiple systems relying on the HSM. The vulnerability requires physical access, so organizations with strong physical security may reduce risk, but insider threats or inadequate physical controls increase exposure. The inability to protect the BIOS menu with a password means attackers can manipulate device settings or install persistent malware, potentially evading detection and remediation. This could disrupt secure transactions, regulatory compliance, and trust in digital services. The lack of available patches increases the urgency for compensating controls. Overall, the vulnerability poses a high risk to European entities that depend on Entrust HSMs for cryptographic security.

1. Immediately review and enhance physical security controls around Entrust nShield HSM devices to prevent unauthorized local access, including secure server rooms, surveillance, and access logging. 2. Check if the affected HSM firmware versions support BIOS password configuration; if so, enable strong BIOS passwords to restrict unauthorized BIOS access. 3. Monitor HSM device logs and physical access logs for any suspicious activity or unauthorized access attempts. 4. Segregate HSMs in isolated network segments with strict access controls to limit exposure. 5. Engage with Entrust support to obtain firmware updates or patches addressing this vulnerability as soon as they become available. 6. Implement strict insider threat detection and response programs to mitigate risks from authorized personnel misuse. 7. Conduct regular security audits and penetration tests focusing on physical and firmware security of HSMs. 8. Develop incident response plans specifically for HSM compromise scenarios, including key revocation and re-issuance procedures. 9. Consider deploying additional layers of cryptographic key protection, such as multi-factor authentication for key usage or hardware-based tamper detection. 10. Document and enforce policies requiring immediate reporting and investigation of any physical or configuration anomalies related to HSM devices.