Vulnerability Description
A vulnerability has been identified in keylime where an attacker can exploit this flaw by registering a new agent using a different Trusted Platform Module (TPM) device but claiming an existing agent's unique identifier (UUID). This action overwrites the legitimate agent's identity, enabling the attacker to impersonate the compromised agent and potentially bypass security controls.
CVSS Score
HIGH
Related Weaknesses (CWE)
References
- https://access.redhat.com/errata/RHSA-2025:23201
- https://access.redhat.com/errata/RHSA-2025:23210
- https://access.redhat.com/errata/RHSA-2025:23628
- https://access.redhat.com/errata/RHSA-2025:23735
- https://access.redhat.com/errata/RHSA-2025:23852
- https://access.redhat.com/errata/RHSA-2026:0429
- https://access.redhat.com/security/cve/CVE-2025-13609
- https://bugzilla.redhat.com/show_bug.cgi?id=2416761
- https://github.com/keylime/keylime/issues/1820
FAQ
What is CVE-2025-13609?
CVE-2025-13609 is a vulnerability with a CVSS score of 8.2 (HIGH). A vulnerability has been identified in keylime where an attacker can exploit this flaw by registering a new agent using a different Trusted Platform Module (TPM) device but claiming an existing agent'...
How severe is CVE-2025-13609?
CVE-2025-13609 has been rated HIGH with a CVSS base score of 8.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2025-13609?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.