""It's always DNS." That was a popular online response to last week's global AWS outage. The Dutch cybersecurity agency NCSC expects more trouble when it comes to DNS issues, but this time due to DNS server software BIND 9. Two serious vulnerabilities in BIND 9 enable so-called cache poisoning. This causes the DNS server to provide incorrect responses to users' DNS requests. Because the wrong IP address can be communicated to the endpoint, attackers are able to redirect victims to a malicious website."
"Researchers have now developed proof-of-concept exploit code that can be used to exploit the security vulnerabilities in a laboratory setting. The NCSC expects that this code will soon be converted by attackers into working exploits for cache poisoning attacks. "For the time being, it is unlikely that the BIND server itself can be compromised. The potential damage is cache poisoning. This causes the DNS to give incorrect answers, allowing malicious parties to direct victims to rogue servers," according to the government agency."
BIND 9 contains two serious vulnerabilities, CVE-2025-40778 and CVE-2025-40780, that enable DNS cache poisoning. Cache poisoning causes DNS servers to return incorrect IP addresses, allowing attackers to redirect users to malicious or rogue servers. The vulnerabilities score 8.6 and updates were released last week to address them. Proof-of-concept exploit code is already available and could be turned into practical attacks. CVE-2025-40780 involves a weakness in the Pseudo Random Number Generator used by BIND 9. The Dutch cybersecurity agency NCSC urges organizations to install the updates to protect infrastructure and users from cache poisoning attacks.
Read at Techzine Global
Unable to calculate read time
Collection
[
|
...
]