CVE-2025-40778
8.6
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N
Summary
Under certain circumstances, BIND is too lenient when accepting records from answers, allowing an attacker to inject forged data into the cache. This issue affects BIND 9 versions 9.11.0 through 9.16.50, 9.18.0 through 9.18.39, 9.20.0 through 9.20.13, 9.21.0 through 9.21.12, 9.11.3-S1 through 9.16.50-S1, 9.18.11-S1 through 9.18.39-S1, and 9.20.9-S1 through 9.20.13-S1.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| ISC | BIND 9 | 9.11.0 <= 9.16.50 | affected |
| ISC | BIND 9 | 9.18.0 <= 9.18.39 | affected |
| ISC | BIND 9 | 9.20.0 <= 9.20.13 | affected |
| ISC | BIND 9 | 9.21.0 <= 9.21.12 | affected |
| ISC | BIND 9 | 9.11.3-S1 <= 9.16.50-S1 | affected |
| ISC | BIND 9 | 9.18.11-S1 <= 9.18.39-S1 | affected |
| ISC | BIND 9 | 9.20.9-S1 <= 9.20.13-S1 | affected |
Weaknesses
- CWE-349: CWE-349 Acceptance of Extraneous Untrusted Data With Trusted Data
Workarounds
No workarounds known.
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: poc
- Automatable: yes
- Technical Impact: partial
Additional References
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.