RADIUS: RADIUS Response Forgery (CVE-2024-3596) #shorts #breaking

CVE

This CVE relates to a new vulnerability known as RADIUS Response Forgery. It affects the RADIUS Protocol under RFC 2865, allowing a local attacker to modify any valid response, such as Access-Accept, Access-Reject, or Access-Challenge, to any other response. This is achieved using a chosen-prefix collision attack against the MD5 Response Authenticator signature. The scope of those potentially affected includes users of freeradius-server. Currently, it is unknown who has been attacked using this method.

Watch the full video on YouTube: CVE-2024-3596

Remediation and exploitation details

This chain involves the following actors

This following systems are involved

Attack entry point

Remediation actions

Exploitation actions

Related Content

NOTE: The following related content has not been vetted and may be unsafe.

CVE database technical details

CVE ID
CVE-2024-3596
Description
RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can modify any valid Response (Access-Accept, Access-Reject, or Access-Challenge) to any other response using a chosen-prefix collision attack against MD5 Response Authenticator signature.
Provider
certcc
CWE / problem types
CWE-328: Use of Weak Hash,CWE-200 Exposure of Sensitive Information to an Unauthorized Actor,CWE-924 Improper Enforcement of Message Integrity During Transmission in a Communication Channel
Affected Software Versions
IETF:RFC:[{'status': 'affected', 'version': '2865'}]
Date Published
2024-07-09T12:02:53.001Z
Last Updated
2025-05-01T03:55:24.016Z