What the vulnerability does

01Description

A vulnerability in Keylime before 6.3.0 allows an attacker to craft a request to the agent that resets the U and V keys as if the agent were being re-added to a verifier. This could lead to a remote code execution.

Key dates

02Disclosure timeline

September 21, 2022 CVE published
May 27, 2025 Record updated