8.6 CVE-2025-40780

In specific circumstances, due to a weakness in the Pseudo Random Number Generator (PRNG) that is used, it is possible for an attacker to predict the source port and query ID that BIND will use. This issue affects BIND 9 versions 9.16.0 through 9.16.50, 9.18.0 through 9.18.39, 9.20.0 through 9.20.13, 9.21.0 through 9.21.12, 9.16.8-S1 through 9.16.50-S1, 9.18.11-S1 through 9.18.39-S1, and 9.20.9-S1 through 9.20.13-S1.
https://nvd.nist.gov/vuln/detail/CVE-2025-40780

Categories

CWE-341 : Predictable from Observable State
A number or object is predictable based on observations that the attacker can make about the state of the system or network, such as time, process ID, etc. Increase the entropy used to seed a PRNG. Use products or modules that conform to FIPS 140-2 [REF-267] to avoid obvious entropy problems. Consult FIPS 140-2 Annex C ("Approved Random Number Generators"). Use a PRNG that periodically re-seeds itself using input from high-quality sources, such as hardware devices with high entropy. However, do not re-seed too frequently, or else the entropy source might block. Mail server stores private mail messages with predictable filenames in a world-executable directory, which allows local users to read private mailing list archives. PRNG allows attackers to use the output of small PRNG requests to determine the internal state information, which could be used by attackers to predict future pseudo-random numbers. DNS resolver library uses predictable IDs, which allows a local attacker to spoof DNS query results. MFV. predictable filename and insecure permissions allows file modification to execute SQL queries.

References

 

CPE

cpe	start	end

---

REMEDIATION

---

---

EXPLOITS

---

Exploit-db.com

id	description	date
No known exploits

---

POC Github

Url
No known exploits

---

Other Nist (github, ...)

Url
No known exploits

---

CAPEC

---

Common Attack Pattern Enumerations and Classifications

id	description	severity
No entry

---