All Advisories
Partner Confidential
IDS-ADV-2026-0419 Critical Active — Patch Available
Published: March 21, 2026  |  Last Updated: March 23, 2026

Data Disclosure via HSM Key Extraction in payShield Firmware

A critical vulnerability in Thales payShield HSM firmware allows authenticated attackers with network adjacency to extract master encryption keys, potentially enabling decryption of stored payment card data across all tenant environments.

9.2
CRITICAL — AIVSS 9.2 / 10.0 AI-Augmented Vulnerability Severity Score — Network/Adjacent attack vector, high confidentiality impact

Vulnerability Summary

Advisory IDIDS-ADV-2026-0419
ComponentThales payShield 10K / payShield 9000 — Hardware Security Module (HSM)
Affected ServiceeMACH.ai Secure Key Management, Tokenization & Payment Data Storage
Attack VectorNetwork / Adjacent — Authenticated API exploitation
ImpactExtraction of cryptographic master keys; potential compromise of PAN encryption across all tenant environments
Affected VersionspayShield firmware < 1.4a.9 (10K series); firmware < 2.3.1 (9000 series)
CVE ReferenceCVE-2026-21847 (pending NVD publication)
DiscoveryIntellect Design Arena — Advanced Threat Research Team
CVSS 4.0 Base9.1 (AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N)

Technical Details

Root Cause

The vulnerability exists in the HSM's host command processing layer, specifically in the EI (Export Key) and A0 (Generate MAC) command implementations. A race condition in the firmware's command queue allows an authenticated caller to chain a sequence of EI commands with specially crafted key block headers that bypass the key usage enforcement logic.

Under normal operation, the HSM enforces key separation policies that prevent encryption keys from being exported in cleartext. However, when the command queue processes concurrent EI requests with conflicting key block protection method (KBPK) parameters, the firmware enters an inconsistent state where the export permission check references a stale key attribute structure. This allows a key flagged as NO_EXPORT to be exported under a known transport key.

Attack Scenario

  1. Attacker establishes an authenticated session to the HSM via the host API (requires valid LMK component or operator card credentials)
  2. Attacker sends a rapid sequence of 12+ concurrent EI commands targeting the Zone Master Key (ZMK), each with different KBPK parameters
  3. The race condition causes the firmware to evaluate export permissions against a null key attribute block, which defaults to PERMIT
  4. The ZMK is exported under a transport key controlled by the attacker
  5. With the ZMK, the attacker can derive all Zone PIN Keys (ZPKs) and Terminal Master Keys (TMKs), enabling offline decryption of stored PANs

Scope of Impact

This vulnerability affects the HSM firmware used in the eMACH.ai platform's secure key management subsystem. The HSM is responsible for generating, storing, and managing cryptographic keys used to encrypt Primary Account Numbers (PANs) and other cardholder data elements across all partner tenant environments.

A successful exploitation could result in the compromise of all payment card data encrypted under the affected HSM's key hierarchy. This represents a direct violation of PCI DSS Requirements 3.5.1 (Protection of Cryptographic Keys) and 3.6.1 (Key Management Procedures).

Indicators of Compromise

Review HSM audit logs for the following patterns. The presence of any of these indicators warrants immediate investigation:

HSM Command Log Patterns # Rapid EI command bursts (>10 within 500ms window)
grep -P "EI\s+\d{4}" /var/log/hsm/command.log | awk '{print $1}' | uniq -c | sort -rn

# Failed key export attempts followed by success
grep -E "(EI.*DENIED|EI.*ERROR).*EI.*OK" /var/log/hsm/command.log

# Anomalous KBPK parameter variations in single session
grep "KBPK_METHOD" /var/log/hsm/command.log | cut -d'=' -f2 | sort | uniq -c
Network Indicators # Source IPs with high-frequency HSM API connections
# Threshold: >50 connections/minute to HSM management port (1500/tcp)

# Unusual session durations (>30 min continuous HSM API session)
# Normal operator sessions average 3-5 minutes

Important: If you identify any of the above indicators in your environment, contact our incident response team immediately at ir@intellectdesign-security.com before proceeding with remediation. Premature key rotation without forensic preservation may destroy evidence needed for PCI DSS Requirement 12.10 incident response documentation.

Affected API Endpoints

EndpointRisk
/api/v2/hsm/key/exportPrimary exploitation vector — EI command interface
/api/v2/hsm/key/generate-macSecondary vector — A0 command can leak key material in MAC output
/api/v2/hsm/session/createSession establishment — monitor for anomalous auth patterns
/api/v2/hsm/diagnosticsInformation disclosure — firmware version and configuration exposure

Remediation

An emergency firmware patch (version 1.4a.9-hf1) has been developed and validated by our security team in coordination with Thales. Select your deployment method below to access the patch package and deployment instructions.

Deploy Emergency Patch

Choose the deployment method appropriate for your environment. All methods deliver the same firmware update package with integrity verification and rollback procedures.

Credit & Disclosure Timeline

DiscoveredFebruary 28, 2026 — Intellect Design Arena Advanced Threat Research
Vendor NotifiedMarch 3, 2026 — Thales Product Security (case #TPS-2026-0891)
Patch DevelopedMarch 15, 2026 — Firmware 1.4a.9-hf1 validated
Partner NotificationMarch 21, 2026 — PCI DSS 12.9.2 advisory issued
Patch DeadlineMarch 28, 2026 — All partner environments
Public DisclosureApril 21, 2026 — Coordinated with Thales (90-day policy)

Questions & Support

For technical questions about this advisory or the remediation process, contact our Partner Security team:

  • Email: security-advisories@intellectdesign-security.com
  • Incident Response: ir@intellectdesign-security.com
  • Compliance: compliance@intellectdesign-security.com
  • Emergency Hotline: 1-800-934-7281 (24/7 for active incidents)
Document ID: IDS-ADV-2026-0419  |  Classification: Partner Confidential  |  PCI DSS 4.0 Req 12.9.2