CWE-605
AllowedMultiple Binds to the Same Port
Abstraction: Variant · Status: Draft
When multiple sockets are allowed to bind to the same port, other services on that port may be stolen or spoofed.
6 vulnerabilities reference this CWE, most recent first.
CVE-2026-25086 (GCVE-0-2026-25086)
Vulnerability from cvelistv5 – Published: 2026-03-20 23:14 – Updated: 2026-03-23 15:56 Unsupported When Assigned| Vendor | Product | Version | |
|---|---|---|---|
| Automated Logic | WebCTRL Premium Server |
Affected:
0 , < v8.5
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-25086",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-23T14:50:06.633008Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-605",
"description": "CWE-605 Multiple Binds to the Same Port",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-23T15:56:09.720Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WebCTRL Premium Server",
"vendor": "Automated Logic",
"versions": [
{
"lessThan": "v8.5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Jonathan Lee, Thuy D. Nguyen, and Neil C. Rowe of the Naval Postgraduate School reported this vulnerability to CISA."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Under certain conditions, an attacker could bind to the same port used \nby WebCTRL. This could allow the attacker to craft and send malicious \npackets and impersonate the WebCTRL service without requiring code \ninjection into the WebCTRL software."
}
],
"value": "Under certain conditions, an attacker could bind to the same port used \nby WebCTRL. This could allow the attacker to craft and send malicious \npackets and impersonate the WebCTRL service without requiring code \ninjection into the WebCTRL software."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-605",
"description": "CWE-605",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-20T23:15:23.243Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://www.automatedlogic.com/en/company/security-commitment/"
},
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-078-08"
},
{
"url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-078-08.json"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Automated Logic notes that WebCTRL 7 is end of life and has been \nout of support since January 27, 2023. Users are advised to upgrade to \nthe latest version of the WebCTRL server application, which supports the\n more secure BACnet/SC."
}
],
"value": "Automated Logic notes that WebCTRL 7 is end of life and has been \nout of support since January 27, 2023. Users are advised to upgrade to \nthe latest version of the WebCTRL server application, which supports the\n more secure BACnet/SC."
},
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "For users of supported versions of WebCTRL (WebCTRL 8.5 \ncumulative releases and later), Automated Logic provides secure \nconfiguration guidance for hardware and software deployments; BACnet \nSecure Connect (BACnet/SC) support, which introduces TLS encryption and \nmutual authentication; and published best practices for network \nsegmentation, access control, and secure protocol implementation. \nAdditional information is available at:\u0026nbsp;\u003cbr\u003e\u003ca href=\"https://www.automatedlogic.com/en/company/security-commitment/\" title=\"(opens in a new window)\"\u003ehttps://www.automatedlogic.com/en/company/security-commitment/\u003c/a\u003e"
}
],
"value": "For users of supported versions of WebCTRL (WebCTRL 8.5 \ncumulative releases and later), Automated Logic provides secure \nconfiguration guidance for hardware and software deployments; BACnet \nSecure Connect (BACnet/SC) support, which introduces TLS encryption and \nmutual authentication; and published best practices for network \nsegmentation, access control, and secure protocol implementation. \nAdditional information is available at:\u00a0\n https://www.automatedlogic.com/en/company/security-commitment/"
}
],
"source": {
"advisory": "ICSA-26-078-08",
"discovery": "EXTERNAL"
},
"tags": [
"unsupported-when-assigned"
],
"title": "Automated Logic WebCTRL Premium Server Multiple Binds to the Same Port",
"x_generator": {
"engine": "Vulnogram 1.0.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2026-25086",
"datePublished": "2026-03-20T23:14:23.075Z",
"dateReserved": "2026-03-12T19:57:03.300Z",
"dateUpdated": "2026-03-23T15:56:09.720Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-15320 (GCVE-0-2025-15320)
Vulnerability from cvelistv5 – Published: 2026-02-06 19:18 – Updated: 2026-02-06 19:40- CWE-605 - Multiple Binds to the Same Port
| Vendor | Product | Version | |
|---|---|---|---|
| Tanium | Tanium Client |
Affected:
7.6.2.0 , < 7.6.2.1327
(custom)
Affected: 7.6.4.0 , < 7.6.4.2160 (custom) Affected: 7.7.3.0 , < 7.7.3.8231 (custom) Affected: 7.4.10.0 , < 7.4.10.1118 (custom) cpe:2.3:a:tanium:client:7.4.10.1116:*:*:*:*:*:*:* cpe:2.3:a:tanium:client:7.6.2.1326:*:*:*:*:*:*:* cpe:2.3:a:tanium:client:7.6.4.2159:*:*:*:*:*:*:* cpe:2.3:a:tanium:client:7.7.3.8230:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-15320",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-06T19:40:12.881671Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-06T19:40:46.455Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:tanium:client:7.4.10.1116:*:*:*:*:*:*:*",
"cpe:2.3:a:tanium:client:7.6.2.1326:*:*:*:*:*:*:*",
"cpe:2.3:a:tanium:client:7.6.4.2159:*:*:*:*:*:*:*",
"cpe:2.3:a:tanium:client:7.7.3.8230:*:*:*:*:*:*:*"
],
"product": "Tanium Client",
"vendor": "Tanium",
"versions": [
{
"lessThan": "7.6.2.1327",
"status": "affected",
"version": "7.6.2.0",
"versionType": "custom"
},
{
"lessThan": "7.6.4.2160",
"status": "affected",
"version": "7.6.4.0",
"versionType": "custom"
},
{
"lessThan": "7.7.3.8231",
"status": "affected",
"version": "7.7.3.0",
"versionType": "custom"
},
{
"lessThan": "7.4.10.1118",
"status": "affected",
"version": "7.4.10.0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Filip Waeytens"
},
{
"lang": "en",
"type": "reporter",
"value": "Frank Lycops"
},
{
"lang": "en",
"type": "reporter",
"value": "Jean-Michel Huguet"
},
{
"lang": "en",
"type": "reporter",
"value": "Jorge Escabias"
},
{
"lang": "en",
"type": "reporter",
"value": "Justin Hocquel from NCIA/NCSC"
}
],
"dateAssigned": "2025-12-29T23:12:59.718Z",
"datePublic": "2025-08-19T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Tanium addressed a denial of service vulnerability in Tanium Client."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-605",
"description": "Multiple Binds to the Same Port",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-06T19:18:13.493Z",
"orgId": "3938794e-25f5-4123-a1ba-5cbd7f104512",
"shortName": "Tanium"
},
"references": [
{
"name": "TAN-2025-023",
"url": "https://security.tanium.com/TAN-2025-023"
}
],
"title": "Tanium addressed a denial of service vulnerability in Tanium Client."
}
},
"cveMetadata": {
"assignerOrgId": "3938794e-25f5-4123-a1ba-5cbd7f104512",
"assignerShortName": "Tanium",
"cveId": "CVE-2025-15320",
"datePublished": "2026-02-06T19:18:13.493Z",
"dateReserved": "2025-12-29T23:12:59.888Z",
"dateUpdated": "2026-02-06T19:40:46.455Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-30218 (GCVE-0-2024-30218)
Vulnerability from cvelistv5 – Published: 2024-04-09 01:04 – Updated: 2024-09-28 22:27- CWE-605 - Multiple Binds to the Same Port
| Vendor | Product | Version | |
|---|---|---|---|
| SAP_SE | SAP NetWeaver AS ABAP and ABAP Platform |
Affected:
KRNL64NUC 7.22
Affected: KRNL64NUC 7.22EXT Affected: KRNL64UC 7.22 Affected: KRNL64UC 7.22EXT Affected: KRNL64UC 7.53 Affected: KERNEL 7.22 Affected: KERNEL 7.53 Affected: KERNEL 7.77 Affected: KERNEL 7.85 Affected: KERNEL 7.89 Affected: KERNEL 7.54 Affected: KERNEL 7.93 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-30218",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-10T19:26:44.032060Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:39:20.427Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T01:25:03.426Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://me.sap.com/notes/3359778"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.sap.com/en/my-support/knowledge-base/security-notes-news.html?anchorId=section_370125364"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SAP NetWeaver AS ABAP and ABAP Platform",
"vendor": "SAP_SE",
"versions": [
{
"status": "affected",
"version": "KRNL64NUC 7.22"
},
{
"status": "affected",
"version": "KRNL64NUC 7.22EXT"
},
{
"status": "affected",
"version": "KRNL64UC 7.22"
},
{
"status": "affected",
"version": "KRNL64UC 7.22EXT"
},
{
"status": "affected",
"version": "KRNL64UC 7.53"
},
{
"status": "affected",
"version": "KERNEL 7.22"
},
{
"status": "affected",
"version": "KERNEL 7.53"
},
{
"status": "affected",
"version": "KERNEL 7.77"
},
{
"status": "affected",
"version": "KERNEL 7.85"
},
{
"status": "affected",
"version": "KERNEL 7.89"
},
{
"status": "affected",
"version": "KERNEL 7.54"
},
{
"status": "affected",
"version": "KERNEL 7.93"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThe ABAP Application Server of SAP NetWeaver as well as ABAP Platform\u00a0allows an attacker to prevent legitimate users from accessing a service, either by crashing or flooding the service. This leads to a considerable impact on availability.\u003c/p\u003e"
}
],
"value": "The ABAP Application Server of SAP NetWeaver as well as ABAP Platform\u00a0allows an attacker to prevent legitimate users from accessing a service, either by crashing or flooding the service. This leads to a considerable impact on availability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-605",
"description": "CWE-605: Multiple Binds to the Same Port",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-28T22:27:25.110Z",
"orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"shortName": "sap"
},
"references": [
{
"url": "https://me.sap.com/notes/3359778"
},
{
"url": "https://support.sap.com/en/my-support/knowledge-base/security-notes-news.html?anchorId=section_370125364"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Denial of service (DOS) vulnerability in SAP NetWeaver AS ABAP and ABAP Platform",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"assignerShortName": "sap",
"cveId": "CVE-2024-30218",
"datePublished": "2024-04-09T01:04:40.206Z",
"dateReserved": "2024-03-26T04:09:54.136Z",
"dateUpdated": "2024-09-28T22:27:25.110Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
GHSA-4P22-4Q7X-9XPQ
Vulnerability from github – Published: 2026-03-21 00:31 – Updated: 2026-03-21 00:31Under certain conditions, an attacker could bind to the same port used by WebCTRL. This could allow the attacker to craft and send malicious packets and impersonate the WebCTRL service without requiring code injection into the WebCTRL software.
{
"affected": [],
"aliases": [
"CVE-2026-25086"
],
"database_specific": {
"cwe_ids": [
"CWE-605"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-03-21T00:16:25Z",
"severity": "HIGH"
},
"details": "Under certain conditions, an attacker could bind to the same port used \nby WebCTRL. This could allow the attacker to craft and send malicious \npackets and impersonate the WebCTRL service without requiring code \ninjection into the WebCTRL software.",
"id": "GHSA-4p22-4q7x-9xpq",
"modified": "2026-03-21T00:31:44Z",
"published": "2026-03-21T00:31:44Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25086"
},
{
"type": "WEB",
"url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-078-08.json"
},
{
"type": "WEB",
"url": "https://www.automatedlogic.com/en/company/security-commitment"
},
{
"type": "WEB",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-078-08"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-4W8J-9239-GVHW
Vulnerability from github – Published: 2026-02-06 21:30 – Updated: 2026-02-06 21:30Tanium addressed a denial of service vulnerability in Tanium Client.
{
"affected": [],
"aliases": [
"CVE-2025-15320"
],
"database_specific": {
"cwe_ids": [
"CWE-605"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-02-06T20:16:06Z",
"severity": "LOW"
},
"details": "Tanium addressed a denial of service vulnerability in Tanium Client.",
"id": "GHSA-4w8j-9239-gvhw",
"modified": "2026-02-06T21:30:49Z",
"published": "2026-02-06T21:30:49Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-15320"
},
{
"type": "WEB",
"url": "https://security.tanium.com/TAN-2025-023"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"type": "CVSS_V3"
}
]
}
GHSA-F3G2-HMGR-Q2MJ
Vulnerability from github – Published: 2024-04-09 03:30 – Updated: 2024-09-29 00:30The ABAP Application Server of SAP NetWeaver as well as ABAP Platform allows an attacker to prevent legitimate users from accessing a service, either by crashing or flooding the service. This leads to a considerable impact on availability.
{
"affected": [],
"aliases": [
"CVE-2024-30218"
],
"database_specific": {
"cwe_ids": [
"CWE-400",
"CWE-605"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-04-09T01:15:50Z",
"severity": "MODERATE"
},
"details": "The ABAP Application Server of SAP NetWeaver as well as ABAP Platform\u00a0allows an attacker to prevent legitimate users from accessing a service, either by crashing or flooding the service. This leads to a considerable impact on availability.\n\n",
"id": "GHSA-f3g2-hmgr-q2mj",
"modified": "2024-09-29T00:30:57Z",
"published": "2024-04-09T03:30:53Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-30218"
},
{
"type": "WEB",
"url": "https://me.sap.com/notes/3359778"
},
{
"type": "WEB",
"url": "https://support.sap.com/en/my-support/knowledge-base/security-notes-news.html?anchorId=section_370125364"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
Mitigation
Restrict server socket address to known local addresses.
No CAPEC attack patterns related to this CWE.