CVE-2024-3596: Blast-RADIUS Vulnerability a Major Threat to RADIUS Authentication Protocol

Overview

A critical security flaw, CVE-2024-3596, was recently discovered in the RADIUS (Remote Authentication Dial-In User Service) authentication protocol. This vulnerability, dubbed Blast-RADIUS, poses a serious threat to organizations relying on RADIUS for network authentication and access control. Researchers have demonstrated how attackers could exploit the vulnerability to bypass authentication mechanisms, highlighting the risks in environments using non-EAP (Extensible Authentication Protocol) methods over UDP.

Vulnerability Details

CVE ID: CVE-2024-3596

Description: The Blast-RADIUS attack allows an adversary to perform a Man-in-the-Middle (MITM) attack on RADIUS authentication....

September 23, 2024 · 3 min · Anass