CVE-2025-47827
In IGEL OS before 11, Secure Boot can be bypassed because the igel-flash-driver module improperly verifies a cryptographic signature. Ultimately, a crafted root filesystem can be mounted from an unverified SquashFS image.
| Software | From | Fixed in |
|---|---|---|
| igel / igel_os | - | 11.01.100 |
| microsoft / windows_10_1507 | - | 10.0.10240.21161 |
| microsoft / windows_10_1607 | - | 10.0.14393.8519 |
| microsoft / windows_10_1809 | - | 10.0.17763.7919 |
| microsoft / windows_10_21h2 | - | 10.0.19044.6456 |
| microsoft / windows_10_22h2 | - | 10.0.19045.6456 |
| microsoft / windows_11_22h2 | - | 10.0.22621.6060 |
| microsoft / windows_11_23h2 | - | 10.0.22631.6060 |
| microsoft / windows_11_24h2 | - | 10.0.26100.6899 |
| microsoft / windows_11_25h2 | - | 10.0.26200.6899 |
| microsoft / windows_server_2012 | r2 | r2.x |
| microsoft / windows_server_2016 | - | 10.0.14393.8519 |
| microsoft / windows_server_2019 | - | 10.0.17763.7919 |
| microsoft / windows_server_2022 | - | 10.0.20348.4294 |
| microsoft / windows_server_2022_23h2 | - | 10.0.25398.1913 |
| microsoft / windows_server_2025 | - | 10.0.26100.6899 |
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime