VYPR
High severity8.2GHSA Advisory· Published Nov 24, 2025· Updated Apr 15, 2026

CVE-2025-13609

CVE-2025-13609

Description

A vulnerability has been identified in keylime where an attacker can exploit this flaw by registering a new agent using a different Trusted Platform Module (TPM) device but claiming an existing agent's unique identifier (UUID). This action overwrites the legitimate agent's identity, enabling the attacker to impersonate the compromised agent and potentially bypass security controls.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
keylimePyPI
< 7.13.07.13.0

Affected products

26

Patches

Vulnerability mechanics

References

15

News mentions

0

No linked articles in our index yet.