<p>This advisory documents the impact of CVE-2024-3596 (also dubbed
“Blastradius”), a vulnerability in the RADIUS protocol, to SCALANCE,
RUGGEDCOM and related products.</p>
<p>The vulnerability could allow on-path attackers, located between a
Network Access Server (the RADIUS client, e.g., SCALANCE or RUGGEDCOM
devices) and a RADIUS server (e.g., SINEC INS), to forge Access-Request
packets in a way that enables them to modify the corresponding server
response packet at will, e.g., turning an “Access-Reject” message into
an “Access-Accept”. This would cause the Network Access Server to grant
the attackers access to the network with the attackers desired
authorization (and without the need of knowing or guessing legitimate
access credentials).</p>
<p>Further details incl. external references can be found in the chapter
“Additional Information”. Siemens has released new versions for several
affected products and recommends to update to the latest versions, and
to configure the updated systems as recommended in the chapter
“Additional Information”. Siemens is preparing further fix versions and
recommends specific countermeasures for products where fixes are not, or
not yet available. See chapter “Additional Information” for details.</p>
Source link
