Vulnerability in Isc Bind9

CVE-2021-25216

In BIND 9.5.0 -> 9.11.29, 9.12.0 -> 9.16.13, and versions BIND 9.11.3-S1 -> 9.11.29-S1 and 9.16.8-S1 -> 9.16.13-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.1 of the BIND 9.17 development branch, BIND se…

EPSS: 0.277 (96.5th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 8.1 (High). Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H.

Affected products

  • Isc Bind9 — versions Open Source Branches 9.5 though 9.11 9.5.0 through versions before 9.11.31, Open Source Branches 9.12 though 9.16 9.12.0 through versions before 9.16.14, Supported Preview Branch 9.11-S 9.11.3-S1 through versions before 9.11.31-S1

Public proof-of-concept exploits

References

Frequently asked questions

What is CVE-2021-25216?
CVE-2021-25216 is a high-severity vulnerability in Isc Bind9. CVSS score: 8.1/10. Published 2021-04-29.
How severe is CVE-2021-25216?
High severity. CVSS v3 base score is 8.1 out of 10.
Is CVE-2021-25216 known to be exploited?
18 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.