Recently, cybersecurity specialists discovered a critical vulnerability in the RADIUS protocol (CVE-2024-3596), which enables Man-in-the-Middle attacks. This vulnerability allows an attacker to modify RADIUS packets, potentially leading to unauthorized access to network devices and services. The issue affects all RADIUS implementations using unencrypted authentication methods (e.g., PAP, CHAP, MS-CHAPv2) over UDP communication.
Network device manufacturers are responding to this vulnerability by introducing a series of updates in their products. New software versions enforce validation of the message-authenticator attribute and reject RADIUS responses with unrecognized proxy-state attributes.
To secure your network, it is recommended to implement TLS or IPSec protocols, which prevent such threats. It is also worth noting that the 802.1X (EAP) standard is not susceptible to this vulnerability, making it a safe and recommended method.
Network administrators are advised to deploy available updates and switch to encrypted authentication methods wherever possible. Additionally, monitoring RADIUS traffic for unusual activities can help quickly detect any attack attempts. This issue particularly affects networks that send RADIUS traffic over the Internet.
NACVIEW system already has an appropriate patch implemented to fully cooperate with various network devices, ensuring compliance with the latest security requirements and protection against the BlastRADIUS vulnerability.