Cybersecurity researchers have discovered a critical security vulnerability in RADIUS, a widely used network authentication protocol dating back to the 1990s that’s still in widespread use today.

Overview A vulnerability in the RADIUS protocol allows an attacker allows an attacker to forge an authentication response in cases where a Message-Authenticator attribute is not required or enforced.

RADIUS is a common user authentication protocol used for network connections. It was originally developed in 1991 with dial-up connections in mind, but at the time of writing, it is supported by ...

Security researchers have discovered a flaw in a decades-old networking protocol that could be exploited to spy on users over internet connections and applications. The flaw affects the Remote ...

The Blast-RADIUS attack flow. More than 90 vendors have been involved in a coordinated disclosure and issued security bulletins. A widely used security protocol that dates back to the days of dial-up ...

Security researchers have discovered a vulnerability in the Remote Authentication Dial-In User Service (RADIUS) protocol, which attackers could use to gain unauthorised access to corporate networks, ...

Security researchers at two universities in the USA and at Microsoft have published a vulnerability in the RADIUS network authentication protocol (CVE-2024-3596), which allows an attacker to log into ...

There's potentially an easy mitigation here, since the access accept response can also provide additional parameters to the RADIUS client, which could be in the form of a VLAN ID, IP Address, Access ...

Researchers in partnership with InkBridge Networks in Canada, the company supporting FreeRadius, have announced they have discovered a vulnerability in the RADIUS protocol, which is widely used for ...

The public Internet and networking in general have been huge driving forces in computing that have had an enormous impact on the conduct of business and the nature of our society. However, as the ...

Different devices, all over the internet, could be vulnerable to endpoint takeover, due to running a decades-old encryption protocol, experts have warned. Academic researchers Sharon Goldberg, Miro ...