Cisco has issued patches for multiple products affected by a critical vulnerability in the RADIUS protocol. The vulnerability, identified as CVE-2024-3596, was disclosed by security researchers on July 7, 2024.
This flaw allows an on-path attacker to forge responses using a chosen prefix collision attack against the MD5 Response Authenticator signature. Cisco has been actively investigating its product line to identify and address the affected products.
The vulnerability in the RADIUS protocol, as described under RFC 2865, makes it susceptible to forgery attacks by an on-path attacker.
The attacker can modify any valid response (Access-Accept, Access-Reject, or Access-Challenge) to another response using a chosen prefix collision attack against the MD5 Response Authenticator signature. This vulnerability impacts any RADIUS client and server.
Join our free webinar to learn about combating slow DDoS attacks, a major threat today.
Cisco has identified several products affected by this vulnerability and is working to release patches. The affected products include:
Cisco has confirmed that the following products are not affected by this vulnerability:
Currently, there are no workarounds for this vulnerability. However, RADIUS clients and servers configured to use DTLS or TLS over TCP are not exploitable, provided the traffic is not sent in plaintext.
Cisco advises customers to consult the Cisco bugs identified in the Vulnerable Products section for information about fixed software releases.
Customers should ensure their devices have sufficient memory and that the new releases support their hardware and software configurations.
Cisco’s prompt action in addressing the RADIUS protocol vulnerability underscores the importance of staying vigilant and updated on security advisories.
Customers are encouraged to regularly check Cisco’s Security Advisories page for updates and apply patches as soon as they are available to safeguard their networks.
Protect Your Business Emails From Spoofing, Phishing & BEC with AI-Powered Security | Free Demo
A former employee of Dutch semiconductor firm ASML, identified as German A. (43), stands accused…
A severe vulnerability has been identified in the Apache Parquet Java library, specifically within its parquet-avro module.…
A critical security flaw has been discovered in Halo ITSM, an IT support management software widely…
Several of Australia’s largest superannuation funds have been targeted in a coordinated cyberattack, leading to…
In a significant update to the popular dynamic instrumentation toolkit Frida, developers have introduced powerful…
OpenVPN, a widely-used open-source virtual private network (VPN) software, has recently patched a security vulnerability…