- Description: A `named` caching resolver that is configured to send ECS (EDNS Client Subnet) options may be vulnerable to a cache-poisoning attack. This issue affects BIND 9 versions 9.11.3-S1 through 9.16.50-S1, 9.18.11-S1 through 9.18.37-S1, and 9.20.9-S1 through 9.20.10-S1.
- Source: security-officer@isc.org
- NVD status: Awaiting Analysis
CVSS 3.1
- Type: Primary
- Base score: 8.6
- Impact score: 4
- Exploitability score: 3.9
- Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N
- Severity: HIGH
- security-officer@isc.org
- CWE-349
CVE-2025-40776 Cache Poisoning Vulnerability in BIND 9 Resolver with EDNS Client Subnet https://t.co/7krcxtyu3t Vulnerability Notification: https://t.co/xhLrNnfyrO
@VulmonFeeds
17 Jul 2025
CVE-2025-40776 A `named` caching resolver that is configured to send ECS (EDNS Client Subnet) options may be vulnerable to a cache-poisoning attack. This issue affects BIND 9 versio… https://t.co/rN1JPQRTOB
@CVEnew
16 Jul 2025