Summary
- Four risks for exposed Watchguard Firewalls, WDBRPC services, atvremote devices, and KVM devices are now enabled for ASM customers.
- One new ASM risk fingerprint for BIND 9 resolvers vulnerable to CVE-2025-40778 and one Rapid Response bulletin for this vulnerability.
ASM
The following risks have now been enabled by default for all ASM customers.
- Exposed Watchguard Firewall
- WDBRPC Service Exposed
- Exposed atvremote Device
- Exposed KVM
Rapid Response
The Censys Rapid Response team published information about and queries for the following issue.
- BIND 9 Resolver Enables Cache Poisoning Via Unsolicited Answers [CVE-2025-40778]
- The queries below can identify vulnerable BIND 9 resolvers.
New fingerprints
Added the following fingerprint.
| Type | Name | Description | Query |
|---|---|---|---|
| risk | Vulnerable ISC Bind9 [CVE-2025-40778] | This service is running a vulnerable version of ISC Bind9. An attacker may exploit a flaw in DNS response processing that allows cache poisoning via unsolicited answer records, enabling redirection of downstream clients. | ASM query |
