Will a significant MitM attack exploiting BlastRADIUS vulnerability be reported by September 30, 2024?
Yes • 50%
No • 50%
Public security incident reports and news articles
Cloudflare Discloses Critical BlastRADIUS Vulnerability in RADIUS Protocol Allowing MitM Attacks
Jul 9, 2024, 01:25 PM
Cloudflare and a team of researchers have disclosed a critical vulnerability in the RADIUS protocol, which is widely used to control administrative access to networking equipment. The vulnerability, known as BlastRADIUS, exploits the protocol's outdated use of the MD5 hash function, allowing attackers to perform Man-in-the-Middle (MitM) attacks by modifying Access-Request packets undetected and forcing user authentication. The flaw, which involves a novel chosen-prefix collision attack, can lead to unauthorized network access, compromised integrity checks, and forged authentication messages. Internet Service Providers (ISPs) and organizations are advised to update their RADIUS servers, use TLS/IPsec, and avoid PAP/CHAP methods to mitigate the risk.