Recently, cybersecurity specialists discovered a critical vulnerability in the RADIUS protocol (CVE-2024-3596), which enables Man-in-the-Middle attacks. This vulnerability allows an attacker to modify RADIUS packets, potentially leading to unauthorized access to network devices and services. The issue affects all RADIUS implementations using unencrypted authentication methods (e.g., PAP, CHAP, MS-CHAPv2) over UDP communication.
Network device manufacturers are responding to this vulnerability by introducing a series of updates in their products. New software versions enforce validation of the message-authenticator attribute and reject RADIUS responses with unrecognized proxy-state attributes.
To secure your network, it is recommended to implement TLS or IPSec protocols, which prevent such threats. It is also worth noting that the 802.1X (EAP) standard is not susceptible to this vulnerability, making it a safe and recommended method.
Network administrators are advised to deploy available updates and switch to encrypted authentication methods wherever possible. Additionally, monitoring RADIUS traffic for unusual activities can help quickly detect any attack attempts. This issue particularly affects networks that send RADIUS traffic over the Internet.
NACVIEW system already has an appropriate patch implemented to fully cooperate with various network devices, ensuring compliance with the latest security requirements and protection against the BlastRADIUS vulnerability.
About NACVIEW
A powerful network access control (NAC) solution designed to provide organizations with comprehensive visibility and control over their network infrastructure. Developed by leading network security company, NACVIEW offers advanced features and capabilities to ensure secure and efficient network access for users and devices.
About Version 2 Digital
Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.
Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.
