A new critical security vulnerability in the RADIUS protocol, dubbed BlastRADIUS, leaves most networking equipment open to Man-in-the-Middle attacks.
To protect businesses from BlastRADIUS, "Every network switch, router, firewall, VPN concentrator, access point, and DSL gateway worldwide needs to be updated to add integrity and authentication checks for these packets," explains Alan DeKok, CEO of InkBridge Networks and one of the foremost experts on RADIUS servers.
"The RADIUS protocol allows certain Access-Request messages to have no integrity or authentication checks. As a result, an attacker can modify these packets without detection. The attacker could force any user to authenticate and give any authorization to that user."
"The RADIUS protocol is a foundational element of most network access systems worldwide. As of July 9, nearly all of these systems are no longer secure. The discovery of the BlastRADIUS issue means that network technicians must install firmware upgrades on every device involved in network security, identity, and authentication. We believe that Internet service providers, enterprises, and most cloud identity providers are likely to be affected by this issue," said DeKok.
"ISPs will have to upgrade their RADIUS servers and networking equipment. Anyone using MAC address authentication, or RADIUS for administrator logins to switches is vulnerable. Using TLS or IPSec prevents the attack, and 802.1X is not vulnerable." For most enterprises, the attacker would already need access to the management VLAN. ISPs can be vulnerable if they send RADIUS traffic over intermediate networks, such as third-party outsourcers or the wider Internet.
For networking equipment, install any firmware update that is available from your network equipment vendor.
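As an added example, not code from the article or from InkBridge Networks: the integrity and authentication check DeKok calls for on Access-Request packets can be implemented on the server side as strict validation of the RADIUS Message-Authenticator attribute (type 80), an HMAC-MD5 over the whole packet keyed with the shared secret, as defined in RFC 2869. The article does not name that attribute; its use here is the editor's assumption about how the check is realised. The script builds constructed Access-Request packets (a MAC-authentication style request with User-Name and Calling-Station-Id), then accepts only those carrying a correct Message-Authenticator and rejects unsigned or tampered ones. The shared secret, attribute values and Request Authenticator are constructed sample values.

```python
import hashlib
import hmac
import struct

ACCESS_REQUEST = 1
ATTR_USER_NAME = 1
ATTR_CALLING_STATION_ID = 31
ATTR_MESSAGE_AUTHENTICATOR = 80  # RFC 2869: HMAC-MD5 over the packet, keyed with the shared secret
HEADER_LEN = 20                  # code(1) + identifier(1) + length(2) + authenticator(16)


def parse_attributes(packet):
    """Return [(type, value_offset, value)] for the attributes after the 20-byte header.
    Raises ValueError on a malformed attribute region."""
    attrs = []
    i = HEADER_LEN
    while i < len(packet):
        if i + 2 > len(packet):
            raise ValueError("truncated attribute header")
        atype, alen = packet[i], packet[i + 1]
        if alen < 2 or i + alen > len(packet):
            raise ValueError("bad attribute length")
        attrs.append((atype, i + 2, packet[i + 2:i + alen]))
        i += alen
    return attrs


def build_access_request(secret, request_authenticator, attrs, sign=True):
    """Constructed Access-Request. With sign=True a Message-Authenticator is appended:
    its value is zero while the HMAC is computed, then filled in (RFC 2869 procedure)."""
    body = b"".join(struct.pack("BB", t, len(v) + 2) + v for t, v in attrs)
    if sign:
        body += struct.pack("BB", ATTR_MESSAGE_AUTHENTICATOR, 18) + bytes(16)
    packet = struct.pack("!BBH", ACCESS_REQUEST, 1, HEADER_LEN + len(body))
    packet += request_authenticator + body
    if sign:
        mac = hmac.new(secret, packet, hashlib.md5).digest()
        packet = packet[:-16] + mac
    return packet


def verify_access_request(secret, packet):
    """True only for a well-formed Access-Request that carries exactly one
    Message-Authenticator whose HMAC-MD5 matches. Requests without one are rejected,
    which is the server-side behaviour that closes the unauthenticated-packet gap."""
    if len(packet) < HEADER_LEN:
        return False
    code, _ident, length = struct.unpack("!BBH", packet[:4])
    if code != ACCESS_REQUEST or length != len(packet):
        return False
    try:
        attrs = parse_attributes(packet)
    except ValueError:
        return False
    mas = [(off, val) for atype, off, val in attrs if atype == ATTR_MESSAGE_AUTHENTICATOR]
    if len(mas) != 1 or len(mas[0][1]) != 16:
        return False
    offset, received = mas[0]
    # Recompute over the packet with the Message-Authenticator value zeroed.
    zeroed = packet[:offset] + bytes(16) + packet[offset + 16:]
    expected = hmac.new(secret, zeroed, hashlib.md5).digest()
    return hmac.compare_digest(received, expected)


def demo():
    """Signed, unsigned and tampered requests; returns the three verdicts."""
    secret = b"constructed-shared-secret"          # constructed sample value
    request_authenticator = bytes(range(16))       # fixed here; random in a real client
    attrs = [(ATTR_USER_NAME, b"alice"),
             (ATTR_CALLING_STATION_ID, b"00-11-22-33-44-55")]  # constructed MAC-auth request
    signed = build_access_request(secret, request_authenticator, attrs)
    unsigned = build_access_request(secret, request_authenticator, attrs, sign=False)
    tampered = bytearray(signed)
    tampered[HEADER_LEN + 2] ^= 0x01              # flip one bit of the User-Name value
    return (verify_access_request(secret, signed),
            verify_access_request(secret, unsigned),
            verify_access_request(secret, bytes(tampered)))


if __name__ == "__main__":
    print(demo())  # (True, False, False)
```

Run the file directly to see the three verdicts. Rejecting an Access-Request that lacks the attribute is what turns Message-Authenticator from an optional field into the integrity check the article calls for; the caveat is that clients (switches, access points, gateways) must then be updated to send it, which is why the fix has to reach both servers and networking equipment rather than the RADIUS server alone.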
News URL
https://www.helpnetsecurity.com/2024/07/09/blastradius-radius-protocol-vulnerability/