
Description

In specific circumstances, due to a weakness in the Pseudo Random Number Generator (PRNG) that is used, it is possible for an attacker to predict the source port and query ID that BIND will use. This issue affects BIND 9 versions 9.16.0 through 9.16.50, 9.18.0 through 9.18.39, 9.20.0 through 9.20.13, 9.21.0 through 9.21.12, 9.16.8-S1 through 9.16.50-S1, 9.18.11-S1 through 9.18.39-S1, and 9.20.9-S1 through 9.20.13-S1.

PUBLISHED Reserved 2025-04-16 | Published 2025-10-22 | Updated 2025-10-22 | Assigner isc




HIGH: 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N

Problem types

CWE-341 Predictable from Observable State

Product status

Default status
unaffected

9.16.0 (custom)
affected

9.18.0 (custom)
affected

9.20.0 (custom)
affected

9.21.0 (custom)
affected

9.16.8-S1 (custom)
affected

9.18.11-S1 (custom)
affected

9.20.9-S1 (custom)
affected

Credits

ISC would like to thank Prof. Amit Klein and Omer Ben Simhon from Hebrew University of Jerusalem for bringing this vulnerability to our attention.

References

kb.isc.org/docs/cve-2025-40780 (CVE-2025-40780) vendor-advisory

cve.org (CVE-2025-40780)

nvd.nist.gov (CVE-2025-40780)
