CISA Issues Warning on Exploitable Vulnerabilities in Popular BIND 9 DNS Software

About the Vulnerabilities

The Internet Systems Consortium (ISC) has released BIND security updates that include fixes for multiple remotely exploitable denial-of-service (DoS) vulnerabilities found in the DNS software suite. These updates mitigate four high-severity bugs, identified as CVE-2024-0760, CVE-2024-1737, CVE-2024-1975, and CVE-2024-4076, each carrying a CVSS score of 7.5.
‍

Impact of the Vulnerabilities

Successful exploitation of the aforementioned bugs could cause a named instance to terminate unexpectedly, deplete available CPU resources, slow down query processing by a factor of 100, and render the server unresponsive.

CVE-2024-0760 outlines a scenario in which a malevolent DNS client, by sending numerous queries over TCP without processing the responses, could result in the server responding slowly or failing to respond to other clients.

CVE-2024-1737 involves the potential to create an excessive number of resource record types for a specific owner name, causing a slowdown in database processing.

CVE-2024-4076 stems from a logic error where lookups leading to the serving of outdated data and necessitating searches in local authoritative zone data could have led to an assertion failure.

CVE-2024-1975 pertains to the validation of DNS messages signed with the SIG(0) protocol potentially causing high CPU load, resulting in a denial-of-service condition.
‍

Mitigation Measures

The vulnerabilities have been resolved in the earlier July 2024 releases of BIND 9 versions 9.18.28, 9.20.0, and 9.18.28-S1. Currently, there is no indication that these vulnerabilities have been exploited in real-world scenarios.
‍

Nexusguard and Customers unaffected by the Vulnerabilities

Through continuous monitoring, we have confirmed that our products are not impacted by the four vulnerabilities mentioned earlier. Our robust architecture and proactive defense mechanisms ensure the reliability and resilience of our services in safeguarding against high-severity vulnerabilities.

At Nexusguard, ensuring peace of mind for our customers is our top priority. We conduct regular security assessments and thorough testing to stay ahead of evolving threats, promptly addressing any vulnerabilities identified in security advisories.
‍

Steps to Safeguard Your Organization

If you suspect that you may be impacted by this vulnerability, it is essential to promptly seek specialized assistance. Nexusguard is a prominent provider of powerful distributed denial of service (DDoS) security solutions dedicated to combating malicious Internet attacks. Our broad array of services delivers unparalleled defense against various attacks across L3-L4 and L7 layers. Through our comprehensive protection, which includes proactive strategies against potential zero-day attacks, we guarantee optimal efficiency and effectiveness in protecting your valuable digital assets.

For further details on Nexusguard’s suite of flexible anti-DDoS solutions, please click here or reach out to us via our emergency contact form.
‍