Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

CVE-2025-24032 PAM-PKCS#11 vulnerable to authentication bypass with default value for `cert_policy` (`none`)

🗓️ 10 Feb 2025 15:43:47Reported by GoogleType 
osv
 osv🔗 osv.dev👁 7 Views

Vulnerability in PAM-PKCS#11 allows attacker login via user token without signature check.

Related
Refs
ReporterTitlePublishedViews
Family
AstraLinux		 Astra Linux - уязвимость в pam-pkcs11
20 May 202605:53
astralinux
Circl		CVE-2025-24032
10 Feb 202515:50
circl
CNNVD		PAM-PKCS#11 授权问题漏洞
10 Feb 202500:00
cnnvd
CVE		CVE-2025-24032
10 Feb 202515:43
cve
Cvelist		CVE-2025-24032 PAM-PKCS#11 vulnerable to authentication bypass with default value for `cert_policy` (`none`)
10 Feb 202515:43
cvelist
Debian		[SECURITY] [DLA 4058-1] pam-pkcs11 security update
18 Feb 202512:19
debian
Debian		[SECURITY] [DSA 5864-1] pam-pkcs11 security update
12 Feb 202513:34
debian
Debian CVE		CVE-2025-24032
10 Feb 202515:43
debiancve
Tenable Nessus		Debian dla-4058 : libpam-pkcs11 - security update
18 Feb 202500:00
nessus
Tenable Nessus		Debian dsa-5864 : libpam-pkcs11 - security update
12 Feb 202500:00
nessus
Rows per page
SourceLink
githubwww.github.com/OpenSC/pam_pkcs11/releases/tag/pam_pkcs11-0.6.13
listswww.lists.debian.org/debian-lts-announce/2025/02/msg00021.html
vicariuswww.vicarius.io/vsociety/posts/cve-2025-24032-detect-vulnerability-in-linux-pam-module
vicariuswww.vicarius.io/vsociety/posts/cve-2025-24032-mitigate-linux-pam-module-vulnerability
githubwww.github.com/CVEProject/cvelistV5/tree/main/cves/2025/24xxx/CVE-2025-24032.json
githubwww.github.com/OpenSC/pam_pkcs11/security/advisories/GHSA-8r8p-7mgp-vf56
nvdwww.nvd.nist.gov/vuln/detail/CVE-2025-24032
githubwww.github.com/OpenSC/pam_pkcs11/commit/470263258d1ac59c5eade439c4d9caba0097e6e6
githubwww.github.com/OpenSC/pam_pkcs11/commit/b665b287ff955bbbd9539252ff9f9e2754c3fb48
githubwww.github.com/OpenSC/pam_pkcs11/commit/d9530167966a77115db6e885d459382a2e52ee9e
Rows per page

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
12 Apr 2026 14:03Current
7.4High risk
Vulners AI Score7.4
CVSS 49.2
EPSS0.00746
cve 2025 24032pam-pkcs11 vulnerabilitylinux pam login modulex.509 certificate loginattacker logincert policy issueprivate key signaturesecurity workaround.
7