Main Vulnerability Database Exploits ID:11411 - Exploit for Reachable assertion in ISC BIND - CVE-2025-40775

ID:11411 - Exploit for Reachable assertion in ISC BIND - CVE-2025-40775

Published: May 23, 2025

Vulnerability identifier: #VU109620

Vulnerability risk: Medium

CVE-ID: CVE-2025-40775

CWE-ID: CWE-617

Exploitation vector: Remote access

Vulnerable software:
ISC BIND

Link to public exploit:

https://github.com/AlexSvobo/nhi-zero-trust-bypass

Vulnerability description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a reachable assertion when handling transaction signature (TSIG) in incoming DNS messages. A remote attacker can send specially crafted DNS messages to the affected server and perform a denial of service (DoS) attack.

Remediation

Install updates from vendor's website.

ID:11411 - Exploit for Reachable assertion in ISC BIND - CVE-2025-40775

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human