Security News > 2024 > July > RADIUS Protocol Vulnerability Exposes Networks to MitM Attacks
Cybersecurity researchers have discovered a security vulnerability in the RADIUS network authentication protocol called BlastRADIUS that could be exploited by an attacker to stage Mallory-in-the-middle attacks and bypass integrity checks under certain circumstances.
"The RADIUS protocol allows certain Access-Request messages to have no integrity or authentication checks," InkBridge Networks CEO Alan DeKok, who is the creator of the FreeRADIUS Project, said in a statement.
The security of RADIUS is reliant on a hash that's derived using the MD5 algorithm, which has been deemed cryptographically broken as of December 2008 owing to the risk of collision attacks.
For the attack to succeed, the adversary has to be able to modify RADIUS packets in transit between the RADIUS client and server.
BlastRADIUS is the result of a fundamental design flaw and is said to impact all standards-compliant RADIUS clients and servers, making it imperative that internet service providers and organizations that use the protocol update to the latest version.
It's worth noting that the vulnerability, which carries a CVSS score of 9.0, particularly affects networks that send RADIUS/UDP traffic over the internet given that "Most RADIUS traffic is sent 'in the clear.'" There is no evidence that it's being exploited in the wild.
News URL
https://thehackernews.com/2024/07/radius-protocol-vulnerability-exposes.html
Related news
- TP-Link Gaming Router Vulnerability Exposes Users to Remote Code Attacks (source)
- SolarWinds Serv-U Vulnerability Under Active Attack - Patch Immediately (source)
- Critical vulnerability in the RADIUS protocol leaves networking equipment open to attack (source)
- PHP Vulnerability Exploited to Spread Malware and Launch DDoS Attacks (source)