CVE-2025-13609 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

A vulnerability has been identified in keylime where an attacker can exploit this flaw by registering a new agent using a different Trusted Platform Module (TPM…
High CVSS: 8.2

CVE-2025-13609

A vulnerability has been identified in keylime where an attacker can exploit this flaw by registering a new agent using a different Trusted Platform Module (TPM) device but claiming an existing agent's unique identifier (UUID). This action overwrites the legitimate agent's identity, enabling the attacker to impersonate the compromised agent and potentially bypass security controls.
Vendor
-
Product
-
CWE
CWE-694
Yayın Tarihi
2025-11-24 18:15:49
Güncelleme
2026-03-19 16:15:59
Source Identifier
secalert@redhat.com
KEV Date Added
-

Kategoriler

CWE-694 HIGH 2025

Referanslar

https://access.redhat.com/errata/RHSA-2025:23201 https://access.redhat.com/errata/RHSA-2025:23210 https://access.redhat.com/errata/RHSA-2025:23628 https://access.redhat.com/errata/RHSA-2025:23735 https://access.redhat.com/errata/RHSA-2025:23852 https://access.redhat.com/errata/RHSA-2026:0429 https://access.redhat.com/security/cve/CVE-2025-13609 https://bugzilla.redhat.com/show_bug.cgi?id=2416761 https://github.com/keylime/keylime/issues/1820