When multiple sockets are allowed to bind to the same port, other services on that port may be stolen or spoofed.

What CVEs are caused by CWE-605?

3 recorded CVEs are attributed to CWE-605, including CVE-2026-25086, CVE-2024-30218, CVE-2025-15320.

How do you prevent CWE-605?

Restrict server socket address to known local addresses.

How is CWE-605 detected?

Automated Static Analysis: Automated static analysis, commonly referred to as Static Application Security Testing (SAST), can find some instances of this weakness by analyzing source code (or binary/compiled code) without having to execute it. Typically, this is done by building a model of data flow and control flow, then searching for potentially-vulnerable patterns that connect "sources" (origins of input) with "sinks" (destinations where the data interacts with external components, a lower layer such as the OS, etc.)

What are the consequences of CWE-605?

Exploiting CWE-605 can lead to: Read Application Data.

Is CWE-605 actively exploited?

3 recorded CVEs are caused by CWE-605; none are currently in CISA's KEV catalog of actively exploited flaws.

CWE-605: Multiple Binds to the Same Port

Common consequences

What can happen when CWE-605 is exploited.

Read Application Data

Affects: Confidentiality, Integrity

Packets from a variety of network services may be stolen or the services spoofed.

CWE-605: Multiple Binds to the Same Port

Code examples

Illustrative examples from MITRE showing how the weakness appears in code.

This code binds a server socket to port 21, allowing the server to listen for traffic on that port.

Vulnerable example

void bind_socket(void) {

This code may result in two servers binding a socket to same port, thus receiving each other's traffic. This could be used by an attacker to steal packets meant for another process, such as a secure FTP server.

Common consequences

CWE-605: Multiple Binds to the Same Port

Overview

Real-world CVEs

Common consequences

How it happens

When it is introduced

How to prevent it

How to detect it

Automated Static Analysis

Code examples

Terminology & mappings

Mapped taxonomies

Frequently asked questions

What is CWE-605?

What CVEs are caused by CWE-605?

How do you prevent CWE-605?

How is CWE-605 detected?

What are the consequences of CWE-605?

Is CWE-605 actively exploited?

References

Stay ahead of CWE-605

Common consequences

Overview

Real-world CVEs

Common consequences

How it happens

When it is introduced

How to prevent it

How to detect it

Automated Static Analysis

Code examples

Related weaknesses

Parent

Terminology & mappings

Mapped taxonomies

Frequently asked questions

What is CWE-605?

What CVEs are caused by CWE-605?

How do you prevent CWE-605?

How is CWE-605 detected?

What are the consequences of CWE-605?

Is CWE-605 actively exploited?

References

Stay ahead of CWE-605