Attacker Value
Unknown
(0 users assessed)
Exploitability
Unknown
(0 users assessed)
User Interaction
None
Privileges Required
None
Attack Vector
Network
0

CVE-2020-8625

Disclosure Date: February 17, 2021
CVE-2020-8625 CVSS v3 Base Score: 8.1
Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

BIND servers are vulnerable if they are running an affected version and are configured to use GSS-TSIG features. In a configuration which uses BIND’s default settings the vulnerable code path is not exposed, but a server can be rendered vulnerable by explicitly setting valid values for the tkey-gssapi-keytab or tkey-gssapi-credentialconfiguration options. Although the default configuration is not vulnerable, GSS-TSIG is frequently used in networks where BIND is integrated with Samba, as well as in mixed-server environments that combine BIND servers with Active Directory domain controllers. The most likely outcome of a successful exploitation of the vulnerability is a crash of the named process. However, remote code execution, while unproven, is theoretically possible. Affects: BIND 9.5.0 –> 9.11.27, 9.12.0 –> 9.16.11, and versions BIND 9.11.3-S1 –> 9.11.27-S1 and 9.16.8-S1 –> 9.16.11-S1 of BIND Supported Preview Edition. Also release versions 9.17.0 –> 9.17.1 of the BIND 9.17 development branch

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

CVSS V3 Severity and Metrics
Base Score:
8.1 High
Impact Score:
5.9
Exploitability Score:
2.2
Vector:
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector (AV):
Network
Attack Complexity (AC):
High
Privileges Required (PR):
None
User Interaction (UI):
None
Scope (S):
Unchanged
Confidentiality (C):
High
Integrity (I):
High
Availability (A):
High

General Information

Offensive Application
Unknown
Utility Class
Unknown
Ports
Unknown
OS
Unknown
Vulnerable Versions
BIND9 9.5.0 through versions before 9.11.28
BIND9 9.12.0 through versions before 9.16.12
BIND9 9.11.3-S1 through versions before 9.11.28-S1
BIND9 9.16.8-S1 through versions before 9.16.12-S1
BIND9 9.17.0 through versions before 9.17.2
Prerequisites
Unknown
Discovered By
Unknown
PoC Author
Unknown
Metasploit Module
Unknown
Reporter
Unknown

Vendors

  • debian,
  • fedoraproject,
  • isc,
  • netapp,
  • siemens

Products

  • 500f firmware -,
  • a250 firmware -,
  • bind,
  • bind 9.11.21,
  • bind 9.11.27,
  • bind 9.11.3,
  • bind 9.11.5,
  • bind 9.11.6,
  • bind 9.11.7,
  • bind 9.11.8,
  • bind 9.16.11,
  • bind 9.16.8,
  • bind 9.17.0,
  • bind 9.17.1,
  • cloud backup -,
  • debian linux 10.0,
  • debian linux 9.0,
  • fedora 32,
  • fedora 33,
  • fedora 34,
  • sinec infrastructure network services

Additional Info

Authenticated
Unknown
Exploitable
Unknown
Reliability
Unknown
Stability
Unknown
Available Mitigations
Unknown
Shelf Life
Unknown
Userbase/Installbase
Unknown
Patch Effectiveness
Unknown
Technical Analysis