CVE-2025-47827

⚠ KEVEPSS 1.00%

IGEL OS Use of a Key Past its Expiration Date Vulnerability

Added to CISA KEV: 10/14/2025

Description

IGEL OS contains a use of a key past its expiration date vulnerability that allows for Secure Boot bypass. The igel-flash-driver module improperly verifies a cryptographic signature. Ultimately, a crafted root filesystem can be mounted from an unverified SquashFS image.

Affected packages (0)

No package mapping in OSV.