Forgery Attacks on RADIUS Protocol Revealed
CVE-2024-3596
Summary
The RADIUS Protocol, defined under RFC 2865, is vulnerable to forgery attacks executed by local adversaries. By leveraging a chosen-prefix collision attack, an attacker can manipulate the MD5 Response Authenticator signature, allowing them to alter any legitimate response types, including Access-Accept, Access-Reject, or Access-Challenge. This vulnerability poses significant risks as unauthorized alterations to RADIUS responses can disrupt network access and authentication processes within affected network products. Mitigation strategies are essential to protect systems from potential exploitation.
Affected Version(s)
RFC 2865
News Articles
Cyber Security NewsCVE-2024-3596RADIUS Protocol Vulnerability Impacted Multiple Cisco Products
A critical vulnerability in the Remote Authentication Dial-In User Service (RADIUS) protocol has been disclosed, affecting multiple Cisco products. The vulnerability, CVE-2024-3596, allows an on-path attacker...
BrandefenseCVE-2024-3596BlastRADIUS Vulnerability (CVE-2024-3596) Exposes RADIUS Protocol to Critical Network Security Risk – Brandefense
A newly identified vulnerability (CVE-2024-3596), dubbed "BlastRADIUS," has been discovered in the RADIUS protocol, posing a critical risk to network security.
References
CVSS V3.1
Timeline
- đź“°
First article discovered by Brandefense
Vulnerability published