CVE-2025-13609
HIGH
Keylime < 7.13.0 - Agent Identity Overwrite via Duplicate UUID Registration
Title source: llm
Description
A vulnerability has been identified in Keylime. An attacker can register a new agent using a different Trusted Platform Module (TPM) device while claiming an existing agent's unique identifier (UUID). This overwrites the legitimate agent's identity, enabling the attacker to impersonate the compromised agent and potentially bypass security controls.
References (9)
Core References
Issue Tracking issue-tracking
x_refsource_redhat
https://bugzilla.redhat.com/show_bug.cgi?id=2416761
Vendor Advisory vendor-advisory
x_refsource_redhat
https://access.redhat.com/errata/RHSA-2025:23201
Vendor Advisory vendor-advisory
x_refsource_redhat
https://access.redhat.com/errata/RHSA-2025:23210
Vendor Advisory vendor-advisory
x_refsource_redhat
https://access.redhat.com/errata/RHSA-2025:23628
Vendor Advisory vendor-advisory
x_refsource_redhat
https://access.redhat.com/errata/RHSA-2025:23735
Vendor Advisory vendor-advisory
x_refsource_redhat
https://access.redhat.com/errata/RHSA-2025:23852
Vendor Advisory vendor-advisory
x_refsource_redhat
https://access.redhat.com/errata/RHSA-2026:0429
Vendor Advisory vdb-entry
x_refsource_redhat
https://access.redhat.com/security/cve/CVE-2025-13609
Scores
CVSS v3
8.2
EPSS
0.0009
EPSS Percentile
26.0%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:H/A:L
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-694
Status
published
Products (8)
Keylime Project/keylime
< 7.14.0
pypi/keylime
0 - 7.13.0 (PyPI)
Red Hat/Red Hat Enterprise Linux 10
0:7.12.1-11.el10_1.3
Red Hat/Red Hat Enterprise Linux 10.0 Extended Update Support
0:7.12.1-2.el10_0.4
Red Hat/Red Hat Enterprise Linux 9
0:7.12.1-11.el9_7.3
Red Hat/Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions
0:6.5.2-6.el9_2.1
Red Hat/Red Hat Enterprise Linux 9.4 Extended Update Support
0:7.3.0-13.el9_4.1
Red Hat/Red Hat Enterprise Linux 9.6 Extended Update Support
0:7.3.0-15.el9_6.1
Published
Nov 24, 2025
Tracked Since
Feb 18, 2026