AI description
CVE-2025-40778 is a vulnerability in BIND 9 that stems from the software being too lenient when accepting records from answers. This allows an attacker to inject forged data into the cache. The vulnerability affects BIND 9 versions 9.11.0 through 9.16.50, 9.18.0 through 9.18.39, 9.20.0 through 9.20.13, 9.21.0 through 9.21.12, 9.11.3-S1 through 9.16.50-S1, 9.18.11-S1 through 9.18.39-S1, and 9.20.9-S1 through 9.20.13-S1. Exploitation of this vulnerability can result in forged records being injected into the cache during a query, which can potentially affect the resolution of future queries.
- Description
- Under certain circumstances, BIND is too lenient when accepting records from answers, allowing an attacker to inject forged data into the cache. This issue affects BIND 9 versions 9.11.0 through 9.16.50, 9.18.0 through 9.18.39, 9.20.0 through 9.20.13, 9.21.0 through 9.21.12, 9.11.3-S1 through 9.16.50-S1, 9.18.11-S1 through 9.18.39-S1, and 9.20.9-S1 through 9.20.13-S1.
- Source
- security-officer@isc.org
- NVD status
- Awaiting Analysis
CVSS 3.1
- Type
- Secondary
- Base score
- 8.6
- Impact score
- 4
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N
- Severity
- HIGH
- security-officer@isc.org
- CWE-349
- Hype score
- Not currently trending
RHSA-2025:19793 Important: bind9.16 security update (RHEL8) Security Fix(es): - CVE-2025-40778 : Cache poisoning attacks with unsolicited RRs - CVE-2025-40780 : Cache poisoning due to weak PRNG https://t.co/sbNMPV6s8V
@makopicut
5 Nov 2025
5 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 BIND9 (susceptibilidad potencial al envenenamiento de caché) ⚠️ CVE-2025-40778 https://t.co/f77F4nkF45… CVE-2025-40778: Cache poisoning attacks with unsolicited RRs https://t.co/yCwxDXYI1Y… https://t.co/y5NGmHpteW… https://t.co/ooCy6MdH1P
@teamsixinvestig
3 Nov 2025
18 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2025-40778
@transilienceai
3 Nov 2025
26 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
DNS Poisoning Exploit: CVE-2025-40778 – The Scariest Attack This Halloween! 🎃 This Halloween, the real horror isn’t in the movies — it’s in your DNS. CVE-2025-40778 is a newly discovered DNS resolver vulnerability in BIND 9, allowing attackers to inject forged DNS re
@john_video
2 Nov 2025
106 Impressions
2 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 BIND9 (susceptibilidad potencial al envenenamiento de caché) ⚠️ CVE-2025-40778 https://t.co/Y3Fd6eVDaO CVE-2025-40778: Cache poisoning attacks with unsolicited RRs https://t.co/4q6WEe9W9q https://t.co/ZxKpb5PSCQ https://t.co/fxMzSmYZFo
@elhackernet
2 Nov 2025
3376 Impressions
2 Retweets
15 Likes
4 Bookmarks
0 Replies
0 Quotes
We added CVE-2025-40778 BIND9 tagging (potential susceptibility to cache poisoning) to our DNS scans: https://t.co/pQuzD8PVKu We found nearly 8898 unpatched DNS open resolvers on 2025-10-30, down to 6653 on 2025-11-01: https://t.co/syQkzugRJD Patch info: https://t.co/p3rdrXyTpc
@Shadowserver
2 Nov 2025
2856 Impressions
13 Retweets
21 Likes
6 Bookmarks
1 Reply
0 Quotes
CVE-2025-40778 の新POC document 通りの動作をする権威サーバーが示されている。 以前のPOC を改善して、解説も丁寧になった。 python3 が動く環境が必要です。 https://t.co/eIh2gTRgC0
@beyondDNS
1 Nov 2025
7910 Impressions
2 Retweets
12 Likes
12 Bookmarks
1 Reply
1 Quote
CVE-2025-40778. Almost 25yrs ago I changed the version in the config for the auth. name servers for the company I worked for to stop script kiddies from trying stupid stuff. FFWD, just checked version.bind of the servers and surprise .. it's still there. That one will outlive me
@d1wn
31 Oct 2025
70 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Critical BIND9 flaw puts 5,900+ DNS servers at risk. CVE-2025-40778 (CVSS 8.6) lets attackers poison resolver caches and redirect traffic to fake sites. A public PoC is out—patch now and lock recursion to trusted clients. Full details ↓ https://t.co/h2Z5npBwsT #Threat
@TheHackersNews
31 Oct 2025
15791 Impressions
54 Retweets
137 Likes
49 Bookmarks
0 Replies
1 Quote
CVE-2025-40778 に関して POC が公表されています。 しかし、説明とコードに不整合があります。(BIND のソースの修正説明とも整合しません。) そして、POC は外部名に対して毒を入れるような作りになっていますが
@beyondDNS
31 Oct 2025
3470 Impressions
4 Retweets
9 Likes
0 Bookmarks
1 Reply
1 Quote
There are other options than #bind9. Try #unbound "As many as 5,912 instances have been found vulnerable to CVE-2025-40778 (CVSS score: 8.6), a newly disclosed flaw in the BIND 9 resolver." https://t.co/ZHIx7su6kl
@jonstock0
30 Oct 2025
59 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-40778 攻撃は ポートランダム化防衛を迂回するような記事を見かけるが、間違いだと思う。 AI に書かせたものかも。
@beyondDNS
30 Oct 2025
395 Impressions
1 Retweet
4 Likes
0 Bookmarks
1 Reply
0 Quotes
Vulnerabilidad grave en BIND 9 permite envenenamiento de caché (CVE-2025-40778) Vía: @SeguInfo https://t.co/othv6CeWGG https://t.co/Xt6Pgz4Bdp
@DragsterSystems
30 Oct 2025
15 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-40778の攻撃コードの公開により、BIND 9の再帰的リゾルバがDNSキャッシュ汚染で改ざんされ、数百万利用者が偽サイトへ誘導される危険性が高まった。未認証の遠隔攻撃でユーザ操作不要、既存のランダ
@yousukezan
29 Oct 2025
4991 Impressions
12 Retweets
47 Likes
13 Bookmarks
0 Replies
0 Quotes
🇺🇸 🚨 BREAKING: PoC released for CVE-2025-40778 in BIND 9 enabling DNS cache poisoning. Internet Systems Consortium warns of global DNS security risk — urgent patching required. https://t.co/F7YhOIrapI #CVE2025 #BIND #infosec
@STRATINT_AI
29 Oct 2025
75 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
A serious vulnerability, CVE-2025-40778, affects over 706k BIND 9 DNS resolvers, allowing cache poisoning. No workarounds available—upgrading is essential for security. Is your system fortified against this threat? #CVE2025_40778 https://t.co/0UyKlTbMLF
@CyberDailyPost
29 Oct 2025
24 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
A POC exploit for CVE-2025-40778 has been released, revealing how remote, unauthenticated users can poison DNS caches in vulnerable BIND 9 resolvers, reopening a significant threat. #CyberSecurity #DNS #BIND9 https://t.co/8MH1XunjeQ
@Cyber_O51NT
29 Oct 2025
688 Impressions
4 Retweets
4 Likes
2 Bookmarks
2 Replies
0 Quotes
PoC code drops for remotely exploitable BIND 9 DNS flaw (CVE-2025-40778) https://t.co/d5DEFSbgSz #HelpNetSecurity #Cybersecurity https://t.co/jB4pmfnLC9
@PoseidonTPA
28 Oct 2025
63 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
PoC code drops for remotely exploitable #BIND 9 #DNS flaw (#CVE-2025-40778) https://t.co/Bw6rqg1mhO
@ScyScan
28 Oct 2025
7 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
A critical flaw in BIND 9 (CVE-2025-40778) impacts 706,000+ DNS resolvers, enabling cache poisoning attacks that inject forged DNS records. No workarounds exist; upgrading to patched versions is crucial. #BIND9Risk #DNSAttack #USA https://t.co/weGsUHVKV5
@TweetThreatNews
27 Oct 2025
102 Impressions
1 Retweet
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Over 700K BIND 9 DNS Resolvers Vulnerable to Cache Poisoning A critical vulnerability (CVE-2025-40778) affects over 706,000 BIND 9 DNS resolvers globally, enabling cache poisoning via malicious DNS record injection. Public proof-of-concept code increases risk, potentially
@Secwiserapp
27 Oct 2025
32 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-40778 (HIGH) : BIND 9 Cache Poisoning Vulnerability This vulnerability allows attackers to inject forged data into the cache. BIND versions 9.11.0-9.16.50, 9.18.0-9.18.39, 9.20.0-9.20.13, and 9.21.0-9.21.12. https://t.co/DyhkG1Brkv
@freedomhack101
26 Oct 2025
127 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
ISC released patches for 3 high-severity BIND DNS flaws (CVE-2025-40778, -40780, -8677). Two enable cache poisoning and redirection; one can cause DoS via malformed DNSKEY handling. Admins: update BIND immediately to stay protected. #DNS #Infosec #CVE
@cyber_sec_raj
26 Oct 2025
115 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 BIND 9 Cache Poisoning Vulnerability — CVE-2025-40778 🚨 A newly disclosed flaw in BIND 9 resolvers (CVSS 8.6) allows unsolicited DNS answers to be cached, enabling off-path attackers to poison resolver caches and redirect downstream users to attacker-controlled https:/
@censysio
24 Oct 2025
3264 Impressions
11 Retweets
31 Likes
9 Bookmarks
0 Replies
0 Quotes
(緊急)BIND 9.xの脆弱性(DNSキャッシュポイズニングの危険性)について (CVE-2025-40778) https://t.co/jeiHTIFrxT (緊急)BIND 9.xの脆弱性(DNSキャッシュポイズニングの成功確率向上)について (CVE-2025-40780) http
@taku888infinity
24 Oct 2025
869 Impressions
0 Retweets
2 Likes
2 Bookmarks
0 Replies
0 Quotes
BIND 9 Cache Poisoning via Unsolicited Answer Records (CVE-2025-40778) · GitHub https://t.co/a3gVmJT4Bu
@akaclandestine
24 Oct 2025
1084 Impressions
1 Retweet
7 Likes
2 Bookmarks
0 Replies
0 Quotes
DNSソフト「BIND 9」に深刻な欠陥が3件(CVE-2025-8677、CVE-2025-40778、CVE-2025-40780)見つかり、ISCが10月22日に公表した。攻撃者がキャッシュ汚染やDoSを引き起こす恐れがある。
@yousukezan
23 Oct 2025
911 Impressions
0 Retweets
3 Likes
1 Bookmark
0 Replies
0 Quotes
【注意喚起】(緊急)BIND 9.xの脆弱性(DNSキャッシュポイズニングの危険性)について (CVE-2025-40778) - バージョンアップを強く推奨 - https://t.co/zuBwWDmr5J
@JPRS_official
23 Oct 2025
670 Impressions
4 Retweets
8 Likes
0 Bookmarks
0 Replies
1 Quote
【自分用メモ】CVE-2025-40778: Cache poisoning attacks with unsolicited RRs https://t.co/a3vvwsrJah
@OrangeMorishita
23 Oct 2025
419 Impressions
2 Retweets
4 Likes
0 Bookmarks
0 Replies
0 Quotes
oss-sec: ISC has disclosed three vulnerabilities in BIND 9 (CVE-2025-8677, CVE-2025-40778, CVE-2025-40780) https://t.co/W2va6vjq0k
@teenigma_
22 Oct 2025
36 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
BIND 9: DNS Cache Poisoning Alert CVE-2025-40778 lets attackers poison BIND 9 DNS cache, risking massive traffic redirection. Patch ASAP to protect your infrastructure. For more details, read ZeroPath's blog on this vuln. #DNS #AppSec #InfoSec https://t.co/j3XG1IwNs8
@ZeroPathLabs
22 Oct 2025
65 Impressions
0 Retweets
0 Likes
2 Bookmarks
0 Replies
0 Quotes
**CVE-2025-40778** is a high-severity security flaw affecting BIND (Berkeley Internet Name Domain), a widely used DNS server software. The vulnerability arises from BIND's overly permissive handling of DNS answer records, which can allow an attacker to inject forged or malicious
@CveTodo
22 Oct 2025
41 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[CVE-2025-40778: HIGH] BIND vulnerability allows attackers to inject forged data into the cache in versions 9.11.0-9.16.50, 9.18.0-9.18.39, 9.20.0-9.20.13, and 9.21.0-9.21.12. #cybersecurity#cve,CVE-2025-40778,#cybersecurity https://t.co/cc3VLGhlwh https://t.co/E1ZqFxo4EF
@CveFindCom
22 Oct 2025
6 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-40778: Cache poisoning attacks with unsolicited RRs 広範囲ですね.. Versions affected: BIND •9.11.0 -> 9.16.50 •9.18.0 -> 9.18.39 •9.20.0 -> 9.20.13 •9.21.0 -> 9.21.12 https://t.co/bEYZC5hovb
@yo_suematsu
22 Oct 2025
225 Impressions
4 Retweets
4 Likes
0 Bookmarks
0 Replies
0 Quotes