CVE-2025-12150

Org.keycloak/keycloak-services: webauthn attestation statement verification bypass

CVSS 3.1 LOWEPSS 0.2%CWE-347

A flaw was found in Keycloak’s WebAuthn registration component. This vulnerability allows an attacker to bypass the configured attestation policy and register untrusted or forged authenticators via submission of an attestation object with fmt: "none", even when the realm is configured to require direct attestation. This can lead to weakened authentication integrity and unauthorized authenticator registration.

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N

Productos afectados

Keycloak · keycloak Red Hat · Red Hat build of Keycloak 26.2 Red Hat · Red Hat build of Keycloak 26.2.11 Red Hat · Red Hat build of Keycloak 26.4 Red Hat · Red Hat build of Keycloak 26.4.4

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://access.redhat.com/errata/RHSA-2025:21370 https://access.redhat.com/errata/RHSA-2025:21371 https://access.redhat.com/errata/RHSA-2025:22088 https://access.redhat.com/errata/RHSA-2025:22089 https://access.redhat.com/security/cve/CVE-2025-12150 https://bugzilla.redhat.com/show_bug.cgi?id=2406192 https://github.com/keycloak/keycloak/issues/43723