Blast-RADIUS Vulnerability
Earlier this year, a group of RADIUS experts identified a vulnerability in the RADIUS protocol. Hackers can exploit this vulnerability to gain access to networks protected by RADIUS systems.
For more information about this vulnerability, visit . This site also contains a comprehensive paper on the background called "RADIUS/UDP Considered Harmful".
The vulnerability is also documented as :
RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can modify any valid Response (Access-Accept, Access-Reject, or Access-Challenge) to any other response using a chosen-prefix collision attack against MD5 Response Authenticator signature.
RADIUSaaS is not affected by the Blast-RADIUS vulnerability.
RADIUSaaS only supports EAP-based authentication protocols. If EAP is properly implemented in all components of your infrastructure, the mechanism described in this vulnerability will not be effective.
It is important that all components in your environment have proper implementations. We recommend that you check with your network equipment vendor to ensure that they have updated their systems, if needed.
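What a proper EAP implementation checks on each response, as an added example that is not RADIUSaaS code or part of the original page: RFC 3579 requires every RADIUS packet carrying an EAP-Message to include a Message-Authenticator attribute (HMAC-MD5 keyed with the shared secret), so a client that drops responses where it is missing or wrong does not rely on the MD5 Response Authenticator alone. The function names, shared secret and sample packets are constructed for illustration.

```python
import hashlib
import hmac
import struct

MESSAGE_AUTHENTICATOR = 80  # attribute type; value is a 16-byte HMAC-MD5 (RFC 3579)

def build_response(code, ident, req_auth, attrs, secret):
    """Constructed test data: a RADIUS response signed the way a server would."""
    body = b"".join(bytes([t, len(v) + 2]) + v for t, v in attrs)
    body += bytes([MESSAGE_AUTHENTICATOR, 18]) + bytes(16)  # placeholder zeros
    header = struct.pack("!BBH", code, ident, 20 + len(body))
    mac = hmac.new(secret, header + req_auth + body, hashlib.md5).digest()
    body = body[:-16] + mac
    resp_auth = hashlib.md5(header + req_auth + body + secret).digest()
    return header + resp_auth + body

def check_response(packet, req_auth, secret):
    """Return 'ok', or the reason the response must be dropped."""
    if len(packet) < 20:
        return "truncated"
    length = struct.unpack("!H", packet[2:4])[0]
    if length < 20 or length > len(packet):
        return "bad length"
    pos, mac_off = 20, None
    while pos < length:
        if pos + 2 > length:
            return "malformed attribute"
        attr_type, attr_len = packet[pos], packet[pos + 1]
        if attr_len < 2 or pos + attr_len > length:
            return "malformed attribute"
        if attr_type == MESSAGE_AUTHENTICATOR:
            if attr_len != 18 or mac_off is not None:
                return "malformed Message-Authenticator"
            mac_off = pos + 2
        pos += attr_len
    if mac_off is None:
        return "missing Message-Authenticator"
    # The HMAC covers the packet with the Request Authenticator in the header
    # and the Message-Authenticator value zeroed.
    signed = (packet[:4] + req_auth + packet[20:mac_off]
              + bytes(16) + packet[mac_off + 16:length])
    expected = hmac.new(secret, signed, hashlib.md5).digest()
    if not hmac.compare_digest(expected, packet[mac_off:mac_off + 16]):
        return "bad Message-Authenticator"
    return "ok"

SECRET = b"constructed-shared-secret"
REQ_AUTH = bytes(range(16))  # constructed Request Authenticator
ACCEPT = build_response(2, 7, REQ_AUTH, [(79, b"\x03\x01\x00\x04")], SECRET)
REJECT = build_response(3, 7, REQ_AUTH, [(79, b"\x04\x01\x00\x04")], SECRET)
```

A response whose code byte was changed in transit, or one that arrives without the attribute, returns a drop reason instead of `ok`.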