diff --git a/CHANGELOG.md b/CHANGELOG.md
index eabf9fe..f3c466f 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,11 +1,17 @@
 ## Unreleased
 
+## 0.25.0 (June 26, 2023)
+
 Changes:
 * Latest Kubernetes version tested is now 1.27
 * server: Headless service ignores `server.service.publishNotReadyAddresses` setting and always sets it as `true` [GH-902](https://github.com/hashicorp/vault-helm/pull/902)
+* `vault` updated to 1.14.0 [GH-916](https://github.com/hashicorp/vault-helm/pull/916)
+* `vault-csi-provider` updated to 1.4.0 [GH-916](https://github.com/hashicorp/vault-helm/pull/916)
 
-Features:
+Improvements:
 * CSI: Make `nodeSelector` and `affinity` configurable for CSI daemonset's pods [GH-862](https://github.com/hashicorp/vault-helm/pull/862)
+* injector: Add `ephemeralLimit` and `ephemeralRequest` as options for configuring Agent's ephemeral storage resources [GH-798](https://github.com/hashicorp/vault-helm/pull/798)
+* Minimum kubernetes version for chart reverted to 1.20.0 to allow installation on clusters older than the oldest tested version [GH-916](https://github.com/hashicorp/vault-helm/pull/916)
 
 Bugs:
 * server: Set the default for `prometheusRules.rules` to an empty list [GH-886](https://github.com/hashicorp/vault-helm/pull/886)
@@ -45,9 +51,6 @@ Features:
 Bugs:
 * server: Quote `.server.ha.clusterAddr` value [GH-810](https://github.com/hashicorp/vault-helm/pull/810)
 
-Improvements:
-* injector: Add `ephemeralLimit` and `ephemeralRequest` as options for configuring Agent's ephemeral storage resources [GH-798](https://github.com/hashicorp/vault-helm/pull/798)
-
 ## 0.22.1 (October 26th, 2022)
 
 Changes:
diff --git a/Chart.yaml b/Chart.yaml
index 1803a52..104b05f 100644
--- a/Chart.yaml
+++ b/Chart.yaml
@@ -3,9 +3,9 @@
 
 apiVersion: v2
 name: vault
-version: 0.24.1
-appVersion: 1.13.1
-kubeVersion: ">= 1.22.0-0"
+version: 0.25.0
+appVersion: 1.14.0
+kubeVersion: ">= 1.20.0-0"
 description: Official HashiCorp Vault Chart
 home: https://www.vaultproject.io
 icon: https://github.com/hashicorp/vault/raw/f22d202cde2018f9455dec755118a9b84586e082/Vault_PrimaryLogo_Black.png
diff --git a/test/acceptance/csi.bats b/test/acceptance/csi.bats
index d454364..aa6edc4 100644
--- a/test/acceptance/csi.bats
+++ b/test/acceptance/csi.bats
@@ -55,16 +55,16 @@ load _helpers
 
   for i in $(seq 10); do
     sleep 2
-    if [ "$(kubectl --namespace=acceptance logs --tail=-1 -l "app.kubernetes.io/name=vault-csi-provider" -c vault-agent | grep "returning cached response: path=/v1/auth/kubernetes/login")" ]; then
+    if [ "$(kubectl --namespace=acceptance logs --tail=-1 -l "app.kubernetes.io/name=vault-csi-provider" -c vault-agent | grep "secret renewed: path=/v1/auth/kubernetes/login")" ]; then
         echo "Agent returned a cached login response"
         return
     fi
 
-    echo "Waiting for a cached response from Agent..."
+    echo "Waiting to confirm the Agent is renewing CSI's auth token..."
   done
 
   # Print the logs and fail the test
-  echo "Failed to find a log for a cached Agent response"
+  echo "Failed to find a log for the Agent renewing CSI's auth token"
   kubectl --namespace=acceptance logs --tail=-1 -l "app.kubernetes.io/name=vault-csi-provider" -c vault-agent
   kubectl --namespace=acceptance logs --tail=-1 -l "app.kubernetes.io/name=vault-csi-provider" -c vault-csi-provider
   exit 1
diff --git a/test/acceptance/server-ha-enterprise-dr.bats b/test/acceptance/server-ha-enterprise-dr.bats
index 911cf8d..264be67 100644
--- a/test/acceptance/server-ha-enterprise-dr.bats
+++ b/test/acceptance/server-ha-enterprise-dr.bats
@@ -7,7 +7,7 @@ load _helpers
 
   helm install "$(name_prefix)-east" \
     --set='server.image.repository=hashicorp/vault-enterprise' \
-    --set='server.image.tag=1.13.1-ent' \
+    --set="server.image.tag=$(yq -r '.server.image.tag' values.yaml)-ent" \
     --set='injector.enabled=false' \
     --set='server.ha.enabled=true' \
     --set='server.ha.raft.enabled=true' \
@@ -75,7 +75,7 @@ load _helpers
   helm install "$(name_prefix)-west" \
     --set='injector.enabled=false' \
     --set='server.image.repository=hashicorp/vault-enterprise' \
-    --set='server.image.tag=1.13.1-ent' \
+    --set="server.image.tag=$(yq -r '.server.image.tag' values.yaml)-ent" \
     --set='server.ha.enabled=true' \
     --set='server.ha.raft.enabled=true' \
     --set='server.enterpriseLicense.secretName=vault-license' .
diff --git a/test/acceptance/server-ha-enterprise-perf.bats b/test/acceptance/server-ha-enterprise-perf.bats
index c63f763..15025c9 100644
--- a/test/acceptance/server-ha-enterprise-perf.bats
+++ b/test/acceptance/server-ha-enterprise-perf.bats
@@ -8,7 +8,7 @@ load _helpers
   helm install "$(name_prefix)-east" \
     --set='injector.enabled=false' \
     --set='server.image.repository=hashicorp/vault-enterprise' \
-    --set='server.image.tag=1.13.1-ent' \
+    --set="server.image.tag=$(yq -r '.server.image.tag' values.yaml)-ent" \
     --set='server.ha.enabled=true' \
     --set='server.ha.raft.enabled=true' \
     --set='server.enterpriseLicense.secretName=vault-license' .
@@ -75,7 +75,7 @@ load _helpers
   helm install "$(name_prefix)-west" \
     --set='injector.enabled=false' \
     --set='server.image.repository=hashicorp/vault-enterprise' \
-    --set='server.image.tag=1.13.1-ent' \
+    --set="server.image.tag=$(yq -r '.server.image.tag' values.yaml)-ent" \
     --set='server.ha.enabled=true' \
     --set='server.ha.raft.enabled=true' \
     --set='server.enterpriseLicense.secretName=vault-license' .
diff --git a/values.openshift.yaml b/values.openshift.yaml
index da71dcf..6e575e4 100644
--- a/values.openshift.yaml
+++ b/values.openshift.yaml
@@ -13,9 +13,9 @@ injector:
 
   agentImage:
     repository: "registry.connect.redhat.com/hashicorp/vault"
-    tag: "1.13.1-ubi"
+    tag: "1.14.0-ubi"
 
 server:
   image:
     repository: "registry.connect.redhat.com/hashicorp/vault"
-    tag: "1.13.1-ubi"
+    tag: "1.14.0-ubi"
diff --git a/values.yaml b/values.yaml
index 15852c8..58eb8a2 100644
--- a/values.yaml
+++ b/values.yaml
@@ -73,7 +73,7 @@ injector:
   # required.
   agentImage:
     repository: "hashicorp/vault"
-    tag: "1.13.1"
+    tag: "1.14.0"
 
   # The default values for the injected Vault Agent containers.
   agentDefaults:
@@ -374,7 +374,7 @@ server:
 
   image:
     repository: "hashicorp/vault"
-    tag: "1.13.1"
+    tag: "1.14.0"
     # Overrides the default Image Pull Policy
     pullPolicy: IfNotPresent
 
@@ -1001,7 +1001,7 @@ csi:
 
   image:
     repository: "hashicorp/vault-csi-provider"
-    tag: "1.3.0"
+    tag: "1.4.0"
     pullPolicy: IfNotPresent
 
   # volumes is a list of volumes made available to all containers. These are rendered
@@ -1086,7 +1086,7 @@ csi:
 
     image:
       repository: "hashicorp/vault"
-      tag: "1.13.1"
+      tag: "1.14.0"
       pullPolicy: IfNotPresent
 
     logFormat: standard