CVE-2025-40778

CWE-349 CWE-34712 documents8 sources

Severity

8.6HIGH

EPSS

0.0%

top 99.77%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

ISC Bind 9

Timeline

PublishedOct 22

Latest updateNov 12

Description

Under certain circumstances, BIND is too lenient when accepting records from answers, allowing an attacker to inject forged data into the cache. This issue affects BIND 9 versions 9.11.0 through 9.16.50, 9.18.0 through 9.18.39, 9.20.0 through 9.20.13, 9.21.0 through 9.21.12, 9.11.3-S1 through 9.16.50-S1, 9.18.11-S1 through 9.18.39-S1, and 9.20.9-S1 through 9.20.13-S1.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:NExploitability: 3.9 | Impact: 4.0

Affected Packages4 packages

▶Alpinebind< 9.18.41-r0+4

▶Debianbind9< 1:9.16.50-1~deb11u4+3

▶Ubuntubind9< 1:9.18.39-0ubuntu0.22.04.2+2

▶CVEListV5isc/bind_99.11.0 — 9.16.50+6

🔴Vulnerability Details

OSV

bind9 vulnerabilities↗2025-11-12

▶

OSV

CVE-2025-40778: Under certain circumstances, BIND is too lenient when accepting records from answers, allowing an attacker to inject forged data into the cache↗2025-10-22

▶

OSV

CVE-2025-40778: Under certain circumstances, BIND is too lenient when accepting records from answers, allowing an attacker to inject forged data into the cache↗2025-10-22

▶

CVEList

Cache poisoning attacks with unsolicited RRs↗2025-10-22

▶

OSV

bind9 vulnerabilities↗2025-10-22

▶

📋Vendor Advisories

Ubuntu

Bind vulnerabilities↗2025-11-12

▶

Red Hat

bind: Cache poisoning attacks with unsolicited RRs↗2025-10-22

▶

Ubuntu

Bind vulnerabilities↗2025-10-22

▶

Microsoft

Cache poisoning attacks with unsolicited RRs↗2025-10-14

▶

Debian

CVE-2025-40778: bind9 - Under certain circumstances, BIND is too lenient when accepting records from ans...↗2025

▶