PT-2025-53832 · Coturn · Coturn
Jornlp · Published 2025-12-30 · Updated 2026-03-15 · CVE-2025-69217
CVSS v3.1: 7.7 (High)
Vector: AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions: coturn versions 4.6.2r5 through 4.7.0-r4
Description: coturn, a free open-source implementation of a TURN and STUN server, contains a flaw in its random number generation. After a refactoring, the generator used for nonces and for port randomization is weak: random numbers are produced with libc's random() instead of OpenSSL's RAND_bytes() (except on Windows). By fetching approximately 50 sequential nonces through unauthenticated allocation requests, an attacker can reconstruct the state of the generator and predict future nonces. Because the nonces are predictable, an attacker who knows valid credentials can authenticate while spoofing the source IP address: they can send authenticated messages without ever receiving the server's responses, including the nonces those responses carry. Furthermore, because port randomization is deterministic given the pseudorandom state, an attacker can predict allocated relay ports: once they have allocated one relay port, they can predict the subsequent ones.
Recommendations: Update to a version that contains commit 11fc465f4bba70bb0ad8aae17d6c4a63a29917d9.
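Why ~50 observed nonces are enough is easier to see in code. The block below is an added example, not coturn's code and not the fix referenced above. It assumes (hypothetically, for illustration) that a nonce is one raw random() output, and it relies on libc's default random() being the 31-word additive feedback generator used by glibc, musl and the BSD libcs: each new state word is the sum of the words 31 and 3 steps back (mod 2^32), and the output is that word with its low bit dropped. Dropping one bit is the only thing hiding the state, so after 31 observed outputs every later output is one of two values that an observer can compute; the server never needs to be authenticated to. The hardened variant draws bytes from the kernel CSPRNG via /dev/urandom, used here only to avoid linking libcrypto; a real coturn build uses OpenSSL RAND_bytes() as the fix does.

```c
/* Added example: predictability of libc random() as a nonce source, with a
 * CSPRNG-backed alternative. Not coturn code. */
#define _DEFAULT_SOURCE
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Default-mode libc random(): word[k] = word[k-31] + word[k-3] (mod 2^32),
 * output = word[k] >> 1. The dropped low bit is the whole secret. */
#define LAG_LONG  31
#define LAG_SHORT 3
#define OUT_MASK  0x7fffffffu

/* The weak pattern from the advisory, simplified (assumption): the nonce
 * handed to an unauthenticated client is one raw random() output. */
static uint32_t weak_nonce(void)
{
    return (uint32_t)random();
}

/* Attacker side: given the last 31 outputs, the next one is either the sum of
 * the outputs 31 and 3 back (mod 2^31) or that value plus one, depending on
 * the carry from the two dropped low bits. */
static uint32_t predict_base(const uint32_t *seen, size_t n)
{
    return (seen[n - LAG_LONG] + seen[n - LAG_SHORT]) & OUT_MASK;
}

static int prediction_hits(uint32_t base, uint32_t actual)
{
    return actual == base || actual == ((base + 1u) & OUT_MASK);
}

/* Seeds the generator, "fetches" n_observe nonces as an unauthenticated client
 * would, then checks how many of the next n_check nonces the two-candidate
 * prediction covers. Returns the hit count (n_check when the attack works),
 * or -1 if fewer than 31 nonces were observed. */
int run_prediction_attack(unsigned int seed, size_t n_observe, size_t n_check)
{
    if (n_observe < LAG_LONG) return -1;
    size_t total = n_observe + n_check;
    uint32_t *seen = malloc(total * sizeof *seen);
    if (!seen) return -1;
    srandom(seed);
    for (size_t i = 0; i < n_observe; i++) seen[i] = weak_nonce();
    int hits = 0;
    for (size_t i = n_observe; i < total; i++) {
        uint32_t base = predict_base(seen, i);
        seen[i] = weak_nonce();            /* the nonce the server actually issues */
        if (prediction_hits(base, seen[i])) hits++;
    }
    free(seen);
    return hits;
}

/* Hardened pattern: nonce bytes from the kernel CSPRNG. /dev/urandom stands in
 * for OpenSSL RAND_bytes() here (assumption, to stay libcrypto-free). Returns 1
 * on success, 0 on failure; a failure must be fatal, never a fallback to random(). */
int strong_nonce(unsigned char *out, size_t len)
{
    FILE *f = fopen("/dev/urandom", "rb");
    if (!f) return 0;
    size_t got = fread(out, 1, len, f);
    fclose(f);
    return got == len;
}

/* Sanity check for the hardened path: two draws succeed and differ. */
int strong_nonce_selftest(void)
{
    unsigned char a[16], b[16];
    if (!strong_nonce(a, sizeof a) || !strong_nonce(b, sizeof b)) return 0;
    return memcmp(a, b, sizeof a) != 0;
}

int main(void)
{
    int hits = run_prediction_attack(0x5eed, 50, 1000);
    printf("covered %d of 1000 future random() nonces after observing 50\n", hits);
    unsigned char nonce[16];
    if (strong_nonce(nonce, sizeof nonce)) {
        printf("strong nonce: ");
        for (size_t i = 0; i < sizeof nonce; i++) printf("%02x", nonce[i]);
        printf("\n");
    }
    return 0;
}
```

Two candidates per nonce means at most two authentication attempts per predicted nonce, which is why the spoofed-source scenario in the description works without ever seeing a response. Anything else derived from the same generator, such as a relay port choice, is predictable in the same way; the example does not model coturn's port selection itself.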

Related Identifiers

CVE-2025-69217
GHSA-FVJ6-9JHG-9J84
OPENSUSE-SU-2026:10375-1

Affected Products

Coturn