Vulnerability Description
A flaw was found in Keycloak’s WebAuthn registration component. This vulnerability allows an attacker to bypass the configured attestation policy and register untrusted or forged authenticators via submission of an attestation object with fmt: "none", even when the realm is configured to require direct attestation. This can lead to weakened authentication integrity and unauthorized authenticator registration.
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Redhat | Build Of Keycloak | < 26.4.4 |
| Redhat | Keycloak | 24.0.2 |
Related Weaknesses (CWE)
References
- https://access.redhat.com/errata/RHSA-2025:21370Vendor Advisory
- https://access.redhat.com/errata/RHSA-2025:21371Vendor Advisory
- https://access.redhat.com/errata/RHSA-2025:22088Vendor Advisory
- https://access.redhat.com/errata/RHSA-2025:22089Vendor Advisory
- https://access.redhat.com/security/cve/CVE-2025-12150Vendor Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2406192Issue Tracking
- https://github.com/keycloak/keycloak/issues/43723Issue Tracking
FAQ
What is CVE-2025-12150?
CVE-2025-12150 is a vulnerability with a CVSS score of 3.1 (LOW). A flaw was found in Keycloak’s WebAuthn registration component. This vulnerability allows an attacker to bypass the configured attestation policy and register untrusted or forged authenticators via su...
How severe is CVE-2025-12150?
CVE-2025-12150 has been rated LOW with a CVSS base score of 3.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2025-12150?
Check the references section above for vendor advisories and patch information. Affected products include: Redhat Build Of Keycloak, Redhat Keycloak.