Blast-RADIUS attack

Hi Nanog

Today we announced a vulnerability in the RADIUS protocol, based on its outdated use of the MD5 hash function. We wanted to share it with this list because we suspect many NANOG folks could be operating RADIUS in their networks (to control admin access to routers and switches and other networking gear).

Our Blast-RADIUS attack allows a Man-in-the-Middle (MitM), with access to RADIUS traffic, to gain unauthorized administrative access to the devices using RADIUS clients for authentication. It does this without needing to brute-force or steal credentials or shared secrets. The attack has been given a CVSS score of 9.0.

This attack works on all authentication modes of RADIUS/UDP apart from those that use EAP. It exploits a protocol vulnerability that has been present in the RADIUS specifications since the 1990s. We exploited the vulnerability by developing an improved attack on the MD5 hash function.

The long-term fix is to run RADIUS over TLS. There are also short-term patches for RADIUS/UDP. Vendors have released new mitigations against this attack today.

Here’s some more info about the attack and its mitigations.


Sharon Goldberg

(for the Blast-RADIUS team)
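
Added example, not part of the original post or the Blast-RADIUS team's code: a client-side check of a RADIUS/UDP response that verifies the MD5 Response Authenticator and also requires a valid Message-Authenticator attribute (HMAC-MD5, RFC 2869), which is the short-term RADIUS/UDP hardening. The function names, shared secret and packet contents are constructed for illustration.

```python
import hashlib, hmac, struct

MESSAGE_AUTHENTICATOR = 80  # attribute type (RFC 2869)

def build_packet(code, ident, authenticator, attrs):
    """Serialize a RADIUS packet; attrs is a list of (type, value_bytes)."""
    body = b"".join(bytes([t, len(v) + 2]) + v for t, v in attrs)
    return struct.pack("!BBH", code, ident, 20 + len(body)) + authenticator + body

def sign_response(code, ident, request_auth, attrs, secret):
    """Server side: fill Message-Authenticator first, then the Response Authenticator."""
    pkt = bytearray(build_packet(code, ident, request_auth,
                                 [(MESSAGE_AUTHENTICATOR, bytes(16))] + attrs))
    pkt[22:38] = hmac.new(secret, bytes(pkt), hashlib.md5).digest()
    pkt[4:20] = hashlib.md5(bytes(pkt) + secret).digest()
    return bytes(pkt)

def find_message_authenticator(pkt):
    """Return the value offset of Message-Authenticator, or None; ValueError if malformed."""
    pos = 20
    while pos < len(pkt):
        if pos + 2 > len(pkt) or pkt[pos + 1] < 2 or pos + pkt[pos + 1] > len(pkt):
            raise ValueError("malformed attribute")
        if pkt[pos] == MESSAGE_AUTHENTICATOR and pkt[pos + 1] == 18:
            return pos + 2
        pos += pkt[pos + 1]
    return None

def verify_response(packet, request_auth, secret, require_ma=True):
    """Client side: check both integrity values and return a verdict string."""
    if len(packet) < 20 or not 20 <= struct.unpack("!H", packet[2:4])[0] <= len(packet):
        return "malformed"
    pkt = bytearray(packet[:struct.unpack("!H", packet[2:4])[0]])
    received_auth = bytes(pkt[4:20])
    pkt[4:20] = request_auth  # both checks are computed over the Request Authenticator
    if not hmac.compare_digest(hashlib.md5(bytes(pkt) + secret).digest(), received_auth):
        return "bad-response-authenticator"
    try:
        off = find_message_authenticator(pkt)
    except ValueError:
        return "malformed"
    if off is None:  # legacy response protected by bare MD5 only
        return "missing-message-authenticator" if require_ma else "ok"
    received_ma = bytes(pkt[off:off + 16])
    pkt[off:off + 16] = bytes(16)  # the HMAC is computed with the value zeroed
    good = hmac.compare_digest(hmac.new(secret, bytes(pkt), hashlib.md5).digest(), received_ma)
    return "ok" if good else "bad-message-authenticator"

# Constructed sample values (not captured traffic).
SECRET, REQ_AUTH = b"constructed-secret", bytes(range(16))
```

With require_ma=True, a response that carries only the MD5 Response Authenticator is rejected even though that value verifies.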