CVE-2025-13609

Source
https://cve.org/CVERecord?id=CVE-2025-13609
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-13609.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2025-13609
Aliases
Downstream
Related
Published
2025-11-24T18:08:56.048Z
Modified
2026-07-15T01:49:06.941043551Z
Severity
  • 8.2 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:H/A:L CVSS Calculator
Summary
Keylime: keylime: registrar allows identity takeover via duplicate uuid registration
Details

A vulnerability has been identified in keylime where an attacker can exploit this flaw by registering a new agent using a different Trusted Platform Module (TPM) device but claiming an existing agent's unique identifier (UUID). This action overwrites the legitimate agent's identity, enabling the attacker to impersonate the compromised agent and potentially bypass security controls.

Database specific
{
    "cwe_ids": [
        "CWE-694"
    ],
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/13xxx/CVE-2025-13609.json",
    "cna_assigner": "redhat"
}
References

Affected packages

Git / github.com/keylime/keylime

Affected ranges

Type
GIT
Repo
https://github.com/keylime/keylime
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
Database specific
{
    "extracted_events": [
        {
            "introduced": "0"
        },
        {
            "fixed": "7.14.0"
        }
    ],
    "source": "AFFECTED_FIELD"
}

Affected versions

5.*
5.0.0
5.1.0
5.2.0
5.3.0
5.3.1
5.4.0
5.4.1
5.5.0
5.6.0
5.6.1
5.6.2
5.7.0
5.7.1
5.7.2
5.7.3
5.8.0
5.8.1
6.*
6.0.0
6.0.1
6.1.0
6.1.1
v2.*
v2.0
v2.1
v2.1.1
v2.2
v2.3
v2.3.1
v2.3.2
v2.3.3
v2.3.4
v3.*
v3.0.0
v3.1.0
v3.1.1
v4.*
v4.0.0
v4.0.1
v5.*
v5.8.1
v5.8.2
v6.*
v6.2.0
v6.2.1
v6.3.0
v6.3.1
v6.3.2
v6.4.0
v6.4.1
v6.4.2
v6.4.3
v6.5.0
v6.5.1
v6.5.2
v6.5.3
v6.6.0
v6.7.0
v7.*
v7.0.0
v7.10.0
v7.11.0
v7.12.0
v7.12.1
v7.13.0
v7.2.5
v7.3.0
v7.4.0
v7.5.0
v7.6.0
v7.7.0
v7.8.0
v7.9.0

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-13609.json"