CVE-2025-47827
In IGEL OS before 11, Secure Boot can be bypassed

Publication date: 2025-06-05

Last updated on: 2025-11-05

Assigner: [email protected]

Description
In IGEL OS before 11, Secure Boot can be bypassed because the igel-flash-driver module improperly verifies a cryptographic signature. Ultimately, a crafted root filesystem can be mounted from an unverified SquashFS image.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Affected Vendors & Products
Vendor Product Version
microsoft windows_server_2012 r2
microsoft windows_server_2012 *
microsoft windows_10_1507 to 10.0.10240.18967 (inc)
microsoft windows_10_1607 to 10.0.14393.4467 (inc)
microsoft windows_10_1809 to 10.0.17763.1999 (inc)
microsoft windows_server_2019 to 10.0.17763.1999 (inc)
microsoft windows_server_2022_23h2 to 10.0.20348.2762 (inc)
microsoft windows_server_2016 to 10.0.14393.4467 (inc)
microsoft windows_11_25h2 to 10.0.26200.6899 (inc)
microsoft windows_11_24h2 to 10.0.26100.2033 (inc)
microsoft windows_11_23h2 to 10.0.22631.4317 (inc)
microsoft windows_11_22h2 to 10.0.22621.4317 (inc)
microsoft windows_10_21h2 to 10.0.19044.5011 (inc)
microsoft windows_10_22h2 to 10.0.19045.5011 (inc)
microsoft windows_server_2025 to 10.0.26100.3403 (inc)
igel igel_os *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-347 The product does not verify, or incorrectly verifies, the cryptographic signature for data.
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?


How can this vulnerability impact me? :


How can this vulnerability be detected on my network or system? Can you suggest some commands?


What immediate steps should I take to mitigate this vulnerability?


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart
Meta Information
CVE Publication Date:
2025-06-05
CVE Last Modified Date:
2025-11-05
Report Generation Date:
2025-11-09
AI Powered Q&A Generation:
2025-06-05
EPSS Last Evaluated Date:
2025-09-10
NVD Report Link: