CVE-2025-40920
Published: 11 August 2025
Summary
CVE-2025-40920 is a high-severity PRNG (CWE-338) vulnerability. Its CVSS base score is 8.6 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE ranks at the 37.8th percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 IA-5 (Authenticator Management) and SI-2 (Flaw Remediation).
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)
Requires authenticator management with sufficient strength of mechanism for security tokens like nonces in HTTP authentication, directly preventing use of weak cryptographic randomness from Data::UUID.
Mandates identification, reporting, and correction of flaws such as the predictable nonce generation in Catalyst::Authentication::Credential::HTTP version 1.018 and earlier.
Implements cryptographic protection mechanisms that require strong randomness sources for security-sensitive values like authentication nonces, addressing the RFC 7616 violation.
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Weak nonce generation enables remote authentication bypass in a public-facing web auth module (Catalyst), directly facilitating exploitation of the application.
NVD Description
Catalyst::Authentication::Credential::HTTP versions 1.018 and earlier for Perl generate nonces using the Perl Data::UUID library.
- Data::UUID does not use a strong cryptographic source for generating UUIDs.
- Data::UUID returns v3 UUIDs, which are generated from known information and are unsuitable for security, as per RFC 9562.
- The nonces should be generated from a strong cryptographic source, as per RFC 7616.
Deeper analysis
CVE-2025-40920 is a vulnerability in Catalyst::Authentication::Credential::HTTP versions 1.018 and earlier, a Perl module used for HTTP authentication credentials. The issue stems from nonce generation relying on the Data::UUID library, which produces version 3 UUIDs derived from known information without a strong cryptographic randomness source. This approach is unsuitable for security contexts, as noted in RFC 9562, and fails to meet RFC 7616 requirements for cryptographically secure nonces in HTTP authentication.
The vulnerability carries a CVSS v3.1 base score of 8.6 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L), indicating exploitation is possible remotely over the network with low complexity, no privileges, no user interaction, and unchanged scope. Attackers can leverage the predictable nonces to achieve high confidentiality impact, such as bypassing authentication mechanisms, alongside low integrity and availability impacts. It maps to CWE-338 (Use of Cryptographically Weak Pseudo-Random Number Generator) and CWE-340 (Generation of Predictable Numbers or Identifiers).
Mitigation is addressed in the project's GitHub repository via commit ad2c03aad95406db4ce35dfb670664ebde004c18 and pull request #1, which update the nonce generation process. The vulnerable code is visible in the source at metacpan.org for version 1.018. Additional guidance appears in RFC 7616 section 5.12 and RFC 9562 security considerations, emphasizing strong cryptographic sources for nonces.
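A defensive check for the weakness described above, as an added example that is not code from the module or from this page: it pulls Digest `nonce` values out of `WWW-Authenticate` headers and reports when they all decode to the same non-random UUID version. The function names, the accepted encodings (canonical, hex or base64, in either byte order) and the sample headers are assumptions constructed for illustration.

```python
import base64
import re
import uuid

NONCE_RE = re.compile(r'\bnonce="([^"]*)"')

def uuid_candidates(nonce):
    """Decode a nonce as a 16-byte UUID, if its encoding allows it.
    Assumption: the UUID may appear as canonical text, hex (optional 0x prefix)
    or base64, with fields serialized big-endian ("be") or little-endian ("le").
    """
    compact = re.sub(r"^0x|-", "", nonce, flags=re.I)
    if re.fullmatch(r"[0-9a-fA-F]{32}", compact):
        raw = bytes.fromhex(compact)
    else:
        try:
            raw = base64.b64decode(nonce + "=" * (-len(nonce) % 4), validate=True)
        except ValueError:
            return {}
        if len(raw) != 16:
            return {}
    return {"be": uuid.UUID(bytes=raw), "le": uuid.UUID(bytes_le=raw)}

def audit_challenges(headers, min_samples=4):
    """Flag Digest nonces that all parse as one non-random UUID version."""
    nonces = [m.group(1) for h in headers for m in NONCE_RE.finditer(h)]
    if len(nonces) < min_samples:
        # Random bytes carry the RFC variant bits 1 time in 4, so a single
        # nonce proves nothing; require several samples that agree.
        return {"verdict": "insufficient-samples", "samples": len(nonces)}
    for layout in ("be", "le"):
        # UUID.version is None unless the variant bits mark an RFC 9562 layout.
        versions = {getattr(uuid_candidates(n).get(layout), "version", None) for n in nonces}
        if len(versions) == 1 and not versions & {None, 4}:
            return {"verdict": "structured-uuid", "version": versions.pop(),
                    "layout": layout, "samples": len(nonces)}
    return {"verdict": "no-uuid-structure", "samples": len(nonces)}

# Constructed sample challenges (not captured traffic): v3-shaped UUID nonces.
CONSTRUCTED_HEADERS = [
    f'Digest realm="constructed", qop="auth", nonce="{n}", algorithm=MD5'
    for n in ("a1b2c3d4-e5f6-3a7b-8c9d-0123456789ab",
              "0f1e2d3c-4b5a-3c1c-9a8b-7c6d5e4f3a2b",
              "deadbeef-0042-3ee0-b1a2-c3d4e5f60718",
              "13579bdf-2468-3c92-a0b1-c2d3e4f5a6b7")
]

if __name__ == "__main__":
    print(audit_challenges(CONSTRUCTED_HEADERS))
```

A `no-uuid-structure` verdict only rules out this one pattern; it says nothing about the quality of the random source behind the nonce.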
Details
- CWE(s)