Will the majority of ISPs update RADIUS servers to mitigate BlastRADIUS vulnerability by end of 2024?
Yes • 50%
No • 50%
Public announcements and technical reports from major ISPs
Cloudflare Discloses Critical BlastRADIUS Vulnerability in RADIUS Protocol Allowing MitM Attacks
Jul 9, 2024, 01:25 PM
Cloudflare and a team of researchers have disclosed a critical vulnerability in the RADIUS protocol, which is widely used to control administrative access to networking equipment. The vulnerability, known as BlastRADIUS, exploits the protocol's outdated use of the MD5 hash function, allowing attackers to perform Man-in-the-Middle (MitM) attacks by modifying Access-Request packets undetected and forcing user authentication. The flaw, which involves a novel chosen-prefix collision attack, can lead to unauthorized network access, compromised integrity checks, and forged authentication messages. Internet Service Providers (ISPs) and organizations are advised to update their RADIUS servers, use TLS/IPSec, and avoid PAP/CHAP methods to mitigate the risk.