RADIUS Protocol Vulnerability Exposes Networks to MitM Attacks (Security News, July 2024)
Cybersecurity researchers have discovered a security vulnerability in the RADIUS network authentication protocol called BlastRADIUS that could be exploited by an attacker to stage Mallory-in-the-middle attacks and bypass integrity checks under certain circumstances.
"The RADIUS protocol allows certain Access-Request messages to have no integrity or authentication checks," InkBridge Networks CEO Alan DeKok, who is the creator of the FreeRADIUS Project, said in a statement.
The security of RADIUS is reliant on a hash that's derived using the MD5 algorithm, which has been deemed cryptographically broken as of December 2008 owing to the risk of collision attacks.
For the attack to succeed, the adversary has to be able to modify RADIUS packets in transit between the RADIUS client and server.
BlastRADIUS is the result of a fundamental design flaw and is said to impact all standards-compliant RADIUS clients and servers, making it imperative that internet service providers and organizations that use the protocol update to the latest version.
It's worth noting that the vulnerability, which carries a CVSS score of 9.0, particularly affects networks that send RADIUS/UDP traffic over the internet, given that "most RADIUS traffic is sent 'in the clear.'" There is no evidence that it's being exploited in the wild.
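To make the mechanism described above concrete, here is an added Python example (not code from the article, from FreeRADIUS or from InkBridge Networks). It builds a minimal RADIUS Access-Request, shows that a request without the Message-Authenticator attribute (RFC 2869, attribute type 80) carries no integrity check a server could verify, shows the HMAC-MD5 Message-Authenticator check a hardened server can enforce, and shows the MD5-based Response Authenticator that the article says RADIUS security rests on. The shared secret, user name and NAS identifier are constructed sample values.

```python
import hashlib
import hmac
import os
import struct

# RADIUS packet codes and attribute types used below (RFC 2865 / RFC 2869)
ACCESS_REQUEST = 1
ACCESS_ACCEPT = 2
ACCESS_REJECT = 3
ATTR_USER_NAME = 1
ATTR_NAS_IDENTIFIER = 32
ATTR_MESSAGE_AUTHENTICATOR = 80
HEADER_LEN = 20  # code(1) + identifier(1) + length(2) + authenticator(16)


def encode_attrs(attrs):
    """Serialise (type, value) pairs as RADIUS TLVs; the length byte includes the 2-byte header."""
    return b"".join(bytes([t, len(v) + 2]) + v for t, v in attrs)


def parse_attrs(body):
    """Parse the attribute section; raise ValueError on any malformed length."""
    attrs, i = [], 0
    while i < len(body):
        if i + 2 > len(body):
            raise ValueError("truncated attribute header")
        t, length = body[i], body[i + 1]
        if length < 2 or i + length > len(body):
            raise ValueError("bad attribute length")
        attrs.append((t, body[i + 2:i + length]))
        i += length
    return attrs


def build_packet(code, ident, authenticator, attrs):
    body = encode_attrs(attrs)
    return struct.pack("!BBH", code, ident, HEADER_LEN + len(body)) + authenticator + body


def add_message_authenticator(code, ident, authenticator, attrs, secret):
    """Append Message-Authenticator: HMAC-MD5(secret) over the packet with the attribute value zeroed."""
    attrs = list(attrs) + [(ATTR_MESSAGE_AUTHENTICATOR, bytes(16))]
    mac = hmac.new(secret, build_packet(code, ident, authenticator, attrs), hashlib.md5).digest()
    attrs[-1] = (ATTR_MESSAGE_AUTHENTICATOR, mac)
    return build_packet(code, ident, authenticator, attrs)


def verify_access_request(packet, secret, require_message_authenticator=True):
    """Server-side check. Without Message-Authenticator an Access-Request has nothing to verify."""
    if len(packet) < HEADER_LEN:
        return False
    code, ident, length = struct.unpack("!BBH", packet[:4])
    if code != ACCESS_REQUEST or length != len(packet):
        return False
    authenticator = packet[4:HEADER_LEN]
    try:
        attrs = parse_attrs(packet[HEADER_LEN:])
    except ValueError:
        return False
    macs = [v for t, v in attrs if t == ATTR_MESSAGE_AUTHENTICATOR]
    if not macs:
        # Legacy behaviour: the request is accepted unverified. A hardened server refuses it.
        return not require_message_authenticator
    if len(macs) != 1 or len(macs[0]) != 16:
        return False
    zeroed = [(t, bytes(16) if t == ATTR_MESSAGE_AUTHENTICATOR else v) for t, v in attrs]
    expected = hmac.new(secret, build_packet(code, ident, authenticator, zeroed), hashlib.md5).digest()
    return hmac.compare_digest(expected, macs[0])


def response_authenticator(code, ident, request_authenticator, attrs, secret):
    """MD5(Code + ID + Length + RequestAuth + Attributes + Secret): the hash the article refers to."""
    body = encode_attrs(attrs)
    header = struct.pack("!BBH", code, ident, HEADER_LEN + len(body))
    return hashlib.md5(header + request_authenticator + body + secret).digest()


def verify_response(response, request_authenticator, secret):
    """Client-side check of the Response Authenticator against the request it answers."""
    if len(response) < HEADER_LEN or struct.unpack("!H", response[2:4])[0] != len(response):
        return False
    expected = hashlib.md5(response[:4] + request_authenticator + response[HEADER_LEN:] + secret).digest()
    return hmac.compare_digest(expected, response[4:HEADER_LEN])


def demo():
    secret = b"constructed-shared-secret"  # constructed sample value
    ident, req_auth = 7, os.urandom(16)
    attrs = [(ATTR_USER_NAME, b"alice"), (ATTR_NAS_IDENTIFIER, b"nas-01")]  # constructed values
    legacy = build_packet(ACCESS_REQUEST, ident, req_auth, attrs)
    protected = add_message_authenticator(ACCESS_REQUEST, ident, req_auth, attrs, secret)
    # Flip one bit of the User-Name value (offset 22: header 20 + type 1 + length 1).
    tampered = bytearray(protected)
    tampered[22] ^= 0x01
    reject_auth = response_authenticator(ACCESS_REJECT, ident, req_auth, [], secret)
    reject = build_packet(ACCESS_REJECT, ident, reject_auth, [])
    # Change only the code byte; the Response Authenticator no longer matches.
    code_flipped = bytearray(reject)
    code_flipped[0] = ACCESS_ACCEPT
    return {
        "legacy_accepted_by_legacy_server": verify_access_request(legacy, secret, require_message_authenticator=False),
        "legacy_rejected_by_hardened_server": not verify_access_request(legacy, secret),
        "protected_verifies": verify_access_request(protected, secret),
        "tampered_request_detected": not verify_access_request(bytes(tampered), secret),
        "genuine_reject_verifies": verify_response(reject, req_auth, secret),
        "code_flip_detected_by_md5_check": not verify_response(bytes(code_flipped), req_auth, secret),
    }
```

The two checks differ in what they protect. Message-Authenticator is a keyed HMAC over the whole Access-Request, so a server that insists on it (the behaviour the article's advice to update amounts to) can reject any request modified in transit. The Response Authenticator is a plain MD5 of the response plus the shared secret; it catches naive edits such as the code flip above, but because it is unkeyed MD5 over attacker-influenced data, it is the construction whose MD5 weakness the article is describing.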
News URL
https://thehackernews.com/2024/07/radius-protocol-vulnerability-exposes.html
Related news
- CISA Adds ScienceLogic SL1 Vulnerability to Exploited Catalog After Active Zero-Day Attack
- FortiManager critical vulnerability under active attack
- Cisco Issues Urgent Fix for ASA and FTD Software Vulnerability Under Active Attack
- qBittorrent fixes flaw exposing users to MitM attacks for 14 years