CVE-2025-61779

N/A Unknown
Published: October 09, 2025 Modified: October 14, 2025
View on NVD

Description

Confidential Containers's Trustee project contains tools and components for attesting confidential guests and providing secrets to them. In versions prior to 0.15.0, the attestation-policy endpoint didn't check if the kbs-client submitting the request was actually authenticated (had the right key). This allowed any kbs-client to actually change the attestation policy. Version 0.15.0 fixes the issue.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory
https://github.com/confidential-containers/trustee/commit/3a7d04a70918fa503a00974dcae653cf9f0640e0
Source: security-advisories@github.com
https://github.com/confidential-containers/trustee/pull/957
Source: security-advisories@github.com
https://github.com/confidential-containers/trustee/security/advisories/GHSA-49mc-2q77-m99x
Source: security-advisories@github.com
https://github.com/confidential-containers/trustee/security/advisories/GHSA-49mc-2q77-m99x
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0

4 reference(s) from NVD

Quick Stats

CVSS v3 Score
N/A / 10.0
EPSS (Exploit Probability)
0.1%
18th percentile
Exploitation Status
Not in CISA KEV

Weaknesses (CWE)

CWE-639

Related CVEs

CVE-2026-0824 3.5
CVE-2026-0822 6.3
CVE-2025-13393 4.3
CVE-2025-12379 6.4
CVE-2026-0821 7.3