Blast-RADIUS Vulnerability

Last updated 9 months ago

What is this about?

Earlier this year, a group of RADIUS experts identified a vulnerability in the RADIUS protocol. Hackers can exploit this vulnerability to gain access to networks protected by RADIUS systems.

For more information about this vulnerability, visit https://www.blastradius.fail/. This site also contains a comprehensive background paper called "RADIUS/UDP Considered Harmful".

The vulnerability is also documented as CVE-2024-3596:

RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can modify any valid Response (Access-Accept, Access-Reject, or Access-Challenge) to any other response using a chosen-prefix collision attack against MD5 Response Authenticator signature.

Is RADIUSaaS affected?

RADIUSaaS is not affected by the Blast-RADIUS vulnerability.

RADIUSaaS only supports EAP-based authentication protocols. If EAP is properly implemented in all components of your infrastructure, the mechanism described in this vulnerability will not be effective.

Since RADIUSaaS is not affected, is my whole environment OK?

It is important that all components in your environment have proper implementations. We recommend that you check with your network equipment vendor to ensure that they have updated their systems, if needed.
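As an added illustration (not RADIUSaaS code or vendor code), the sketch below shows the check a properly implemented RADIUS client performs on a response: besides the plain MD5 Response Authenticator from RFC 2865, it requires the keyed HMAC-MD5 Message-Authenticator attribute that RFC 3579 makes mandatory alongside EAP-Message. The function names, the shared secret and the sample packets are constructed for this example, and rejecting every response that lacks the attribute is a policy assumption.

```python
import hashlib
import hmac
import struct

MESSAGE_AUTHENTICATOR = 80  # attribute type (RFC 3579), value is 16 bytes

def mac_offset(attrs):
    """Offset of the Message-Authenticator value inside attrs, or None."""
    i = 0
    while i < len(attrs):
        length = attrs[i + 1] if i + 1 < len(attrs) else 0
        if length < 2 or i + length > len(attrs):
            return None  # malformed TLV: treat as absent so the packet is rejected
        if attrs[i] == MESSAGE_AUTHENTICATOR and length == 18:
            return i + 2
        i += length
    return None

def check_response(pkt, request_auth, secret):
    """Validate a RADIUS response against the Access-Request it answers."""
    if len(pkt) < 20 or struct.unpack("!H", pkt[2:4])[0] != len(pkt):
        return "bad length"
    head, attrs = pkt[:4], pkt[20:]
    # RFC 2865: ResponseAuth = MD5(Code+ID+Length+RequestAuth+Attributes+Secret)
    plain = hashlib.md5(head + request_auth + attrs + secret).digest()
    if not hmac.compare_digest(plain, pkt[4:20]):
        return "bad response authenticator"
    off = mac_offset(attrs)
    if off is None:
        return "missing message-authenticator"
    # RFC 3579: HMAC-MD5 over the packet with the attribute value zeroed
    zeroed = attrs[:off] + bytes(16) + attrs[off + 16:]
    keyed = hmac.new(secret, head + request_auth + zeroed, hashlib.md5).digest()
    ok = hmac.compare_digest(keyed, attrs[off:off + 16])
    return "ok" if ok else "bad message-authenticator"

def build_response(code, ident, request_auth, secret, attrs, with_mac):
    """Build a constructed sample response (test data, not captured traffic)."""
    if with_mac:
        attrs = bytes([MESSAGE_AUTHENTICATOR, 18]) + bytes(16) + attrs
    head = struct.pack("!BBH", code, ident, 20 + len(attrs))
    if with_mac:
        mac = hmac.new(secret, head + request_auth + attrs, hashlib.md5).digest()
        attrs = attrs[:2] + mac + attrs[18:]
    auth = hashlib.md5(head + request_auth + attrs + secret).digest()
    return head + auth + attrs

SECRET = b"constructed-shared-secret"     # constructed sample value
REQ_AUTH = bytes(range(16))               # constructed Request Authenticator
EAP_SUCCESS = bytes([79, 6, 3, 1, 0, 4])  # EAP-Message attribute: EAP-Success
```

A response whose MD5 Response Authenticator verifies but which carries no valid Message-Authenticator is still rejected, which is the behaviour to confirm with your network equipment vendor.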

https://www.blastradius.fail/
CVE-2024-3596