Dear All,
The Remote Authentication Dial-In User Service, or RADIUS, network protocol is vulnerable to forgery attacks. The cybersecurity experts who detected the vulnerability have devised Blast-RADIUS, an “attack [that] allows a man-in-the-middle attacker to authenticate itself to a device using RADIUS for user authentication, or to assign itself arbitrary network privileges.” RADIUS is ubiquitous, so the vulnerability affects most networking devices. The researchers recommend that RADIUS/UDP be deprecated. Short of that, suggested mitigations include transitioning to RADIUS over TLS, isolating RADIUS traffic, and watching for updates and applying them when they are available.
https://www.theregister.com/2024/07/10/radius_critical_vulnerability/?is=2e17210a000df3b23714ee0b7fa...
@Kyaw_Myo_Oo I wonder how many organisations still use RADIUS these days; it is a really antiquated protocol. There are many replacements available, including Cisco TACACS+.
Regards
Caute_Cautim
A lot of people are still using it since it is free inside Windows Server.
@BecFree It may not be secure, but then they take the risk and pay the consequences if Murphy's law descends upon them.
Regards
Caute_Cautim
Thanks for sharing your thoughts and views @Caute_cautim.
Thanks for sharing your thoughts and views @Bec.