AI description
CVE-2025-40780 is a vulnerability affecting BIND 9, widely used DNS server software. The vulnerability lies in the pseudo-random number generator (PRNG) that BIND 9 uses to select the source port and query ID for outgoing DNS queries. These values are crucial for protecting DNS resolvers from cache poisoning attacks. Under specific operational conditions, the PRNG can produce predictable values. An attacker who can observe or infer the PRNG state or output might be able to anticipate the next source port and query ID that BIND will use for a query. This allows the attacker to craft forged DNS responses that match the expected parameters, which the resolver will accept and cache, thus poisoning the DNS cache.
- Description: In specific circumstances, due to a weakness in the Pseudo Random Number Generator (PRNG) that is used, it is possible for an attacker to predict the source port and query ID that BIND will use. This issue affects BIND 9 versions 9.16.0 through 9.16.50, 9.18.0 through 9.18.39, 9.20.0 through 9.20.13, 9.21.0 through 9.21.12, 9.16.8-S1 through 9.16.50-S1, 9.18.11-S1 through 9.18.39-S1, and 9.20.9-S1 through 9.20.13-S1.
- Source: security-officer@isc.org
- NVD status: Received
CVSS 3.1
- Type: Primary
- Base score: 8.6
- Impact score: 4
- Exploitability score: 3.9
- Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N
- Severity: HIGH
- security-officer@isc.org: CWE-341
- Hype score: Not currently trending
Posted a fast demo https://t.co/PR7A5gIZdX for CVE-2025-40780, where https://t.co/FycfsfI8gs says it was "discovered during research for an upcoming academic paper" that BIND's ID RNG is predictable. The attack is easy; what's interesting is why such a poor RNG ended up deployed.
@hashbreaker
15 Dec 2025
9722 Impressions
21 Retweets
68 Likes
26 Bookmarks
2 Replies
2 Quotes
Warning: #F5 warns that attackers can execute cache poisoning attacks in #BIG-IP's system resolver functionality (CVE-2025-40780). To mitigate this vulnerability on the DNS listener, disable the Use BIND Server on the BIG-IP option in the DNS profile, see https://t.co/zMUcKoO9Mx
@CCBalert
26 Nov 2025
138 Impressions
2 Retweets
2 Likes
0 Bookmarks
1 Reply
0 Quotes
I get the feeling that moving to the bind in RHEL 9.7 / 10.1 regresses the patches for the recently fixed CVE-2025-40778 / CVE-2025-40780. *Excluding: RHEL9 bind9.18. Source RPM versions compared: [RHEL9.6] 9.16.23-31.el9_6.2 [RHEL9.7] 9.16.23-33.el9_7 [RHEL10.0] 9.
@makopicut
11 Nov 2025
101 Impressions
0 Retweets
1 Like
0 Bookmarks
2 Replies
0 Quotes
RHSA-2025:19793 Important: bind9.16 security update (RHEL8) Security Fix(es): - CVE-2025-40778 : Cache poisoning attacks with unsolicited RRs - CVE-2025-40780 : Cache poisoning due to weak PRNG https://t.co/sbNMPV6s8V
@makopicut
5 Nov 2025
5 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
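[Mail magazine (FROM JPRS)] The latest issue has been posted. Regular issue vol.1218: "(Urgent) Vulnerability in BIND 9.x (increased success probability of DNS cache poisoning) (CVE-2025-40780), and 2 other items" and more https://t.co/1TClrIea1g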
@JPRS_official
27 Oct 2025
202 Impressions
0 Retweets
3 Likes
1 Bookmark
0 Replies
0 Quotes
(Urgent) Vulnerability in BIND 9.x (risk of DNS cache poisoning) (CVE-2025-40778) https://t.co/jeiHTIFrxT (Urgent) Vulnerability in BIND 9.x (increased success probability of DNS cache poisoning) (CVE-2025-40780) http
@taku888infinity
24 Oct 2025
869 Impressions
0 Retweets
2 Likes
2 Bookmarks
0 Replies
0 Quotes
CVE-2025-40780 - BIND9 again - Cache poisoning due to weak PRNG Report: https://t.co/mMHmU8zjct This was a tough one, #pruva went down the rabbit hole using Z3 solver. Several solver scripts were generated and iteratively tuned; the agent captured port/ID streams and https://
@N3mes1s
23 Oct 2025
2555 Impressions
4 Retweets
27 Likes
10 Bookmarks
0 Replies
0 Quotes
Three serious flaws (CVE-2025-8677, CVE-2025-40778, CVE-2025-40780) were found in the DNS software "BIND 9", and ISC disclosed them on October 22. Attackers could cause cache poisoning or DoS.
@yousukezan
23 Oct 2025
911 Impressions
0 Retweets
3 Likes
1 Bookmark
0 Replies
0 Quotes
[Alert] (Urgent) Vulnerability in BIND 9.x (increased success probability of DNS cache poisoning) (CVE-2025-40780) - Upgrading is strongly recommended - https://t.co/z5taqTyrqd
@JPRS_official
23 Oct 2025
862 Impressions
8 Retweets
9 Likes
1 Bookmark
0 Replies
0 Quotes
oss-sec: ISC has disclosed three vulnerabilities in BIND 9 (CVE-2025-8677, CVE-2025-40778, CVE-2025-40780) https://t.co/W2va6vjq0k
@teenigma_
22 Oct 2025
36 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
BIND 9 PRNG Weakness: CVE-2025-40780 A flaw in BIND 9’s random number generator could impact DNS security. Patch as soon as possible to reduce risk. For more details, read ZeroPath’s blog on this vuln. #DNS #AppSec #InfoSec https://t.co/hUyGfPtGUO
@ZeroPathLabs
22 Oct 2025
55 Impressions
0 Retweets
0 Likes
1 Bookmark
0 Replies
0 Quotes
**CVE-2025-40780** pertains to a weakness in the pseudo-random number generator (PRNG) used within certain versions of BIND (Berkeley Internet Name Domain), a widely deployed DNS server software. This weakness allows an attacker to predict the source port and query ID that BIND
@CveTodo
22 Oct 2025
39 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[CVE-2025-40780: HIGH] Weakness in BIND's PRNG allows attackers to predict source port & query ID. Vulnerable versions: BIND 9.16.0-9.16.50, 9.18.0-9.18.39, 9.20.0-9.20.13, 9.21.0-9.21.12, 9.16.8-S1-9.16.50-...#cve,CVE-2025-40780,#cybersecurity https://t.co/ILnhyd937L https:/
@CveFindCom
22 Oct 2025
5 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-40780: Cache poisoning due to weak PRNG Versions affected: BIND •9.16.0 -> 9.16.50 •9.18.0 -> 9.18.39 •9.20.0 -> 9.20.13 •9.21.0 -> 9.21.12 https://t.co/DzWTaj4iFc
@yo_suematsu
22 Oct 2025
214 Impressions
3 Retweets
4 Likes
1 Bookmark
0 Replies
0 Quotes