Security News > 2024 > July > RADIUS Protocol Vulnerability Exposes Networks to MitM Attacks
Cybersecurity researchers have discovered a security vulnerability in the RADIUS network authentication protocol called BlastRADIUS that could be exploited by an attacker to stage Mallory-in-the-middle attacks and bypass integrity checks under certain circumstances.
"The RADIUS protocol allows certain Access-Request messages to have no integrity or authentication checks," InkBridge Networks CEO Alan DeKok, who is the creator of the FreeRADIUS Project, said in a statement.
The security of RADIUS is reliant on a hash that's derived using the MD5 algorithm, which has been deemed cryptographically broken as of December 2008 owing to the risk of collision attacks.
For the attack to succeed, the adversary has to be able to modify RADIUS packets in transit between the RADIUS client and server.
BlastRADIUS is the result of a fundamental design flaw and is said to impact all standards-compliant RADIUS clients and servers, making it imperative that internet service providers and organizations that use the protocol update to the latest version.
It's worth noting that the vulnerability, which carries a CVSS score of 9.0, particularly affects networks that send RADIUS/UDP traffic over the internet given that "Most RADIUS traffic is sent 'in the clear.'" There is no evidence that it's being exploited in the wild.
News URL
https://thehackernews.com/2024/07/radius-protocol-vulnerability-exposes.html
Related news
- Mirai Botnet Variant Exploits Four-Faith Router Vulnerability for DDoS Attacks (source)
- Zyxel CPE devices under attack via critical vulnerability without a patch (CVE-2024-40891) (source)
- PostgreSQL Vulnerability Exploited Alongside BeyondTrust Zero-Day in Targeted Attacks (source)
- New OpenSSH flaws expose SSH servers to MiTM and DoS attacks (source)
- CISA Flags Craft CMS Vulnerability CVE-2025-23209 Amid Active Attacks (source)