CWE: 328 (Use of Weak Hash), 200 (Exposure of Sensitive Information to an Unauthorized Actor), 924 (Improper Enforcement of Message Integrity During Transmission in a Communication Channel), 354 (Improper Validation of Integrity Check Value)

CVE-2024-3596: RADIUS Protocol

First published: Wed Feb 07 2024

A fundamental design flaw in the RADIUS protocol (RFC 2865), publicly known as Blast-RADIUS, has been proven to be exploitable, compromising the integrity of the RADIUS Access-Request exchange. The Response Authenticator a RADIUS client uses to validate a server's reply is an MD5 hash over the response with the shared secret appended, not a keyed MAC. Using an MD5 chosen-prefix collision, an attacker who can modify traffic between client and server can turn an Access-Reject into an Access-Accept that the client cannot distinguish from a genuine one. To be successful, the attacker must be positioned on the path between the RADIUS client and the server. Exposure is limited to RADIUS/UDP and RADIUS/TCP exchanges that carry no Message-Authenticator attribute; EAP authentications, which always include it, and RADIUS carried over TLS or DTLS are not affected.

Credit: cret@cert.org (CERT/CC)

Affected Software                            Affected Version                                              How to fix
Microsoft Windows 10                         1607, 1809, 21H2, 22H2                                        -
Windows 11                                   21H2, 22H2, 23H2                                              -
Microsoft Windows Server                     2008 R2, 2012 R2, 2016, 2019, 2022, 2022 23H2                 -
debian/freeradius                            <=3.0.21+dfsg-2.2+deb11u1, <=3.2.1+dfsg-4+deb12u1             3.2.6+dfsg-3
FreeRADIUS                                   <3.0.27                                                       3.0.27
Brocade SANnav                               -                                                             -
Broadcom Fabric Operating System             -                                                             -
SonicWALL SonicOS                            -                                                             -
F5 BIG-IP Next Central Manager               >=20.2.0 <=20.3.0                                             -
F5 BIG-IP Access Policy Manager              >=17.1.0 <=17.1.1                                             17.1.2, 17.1.1.4
F5 BIG-IP Access Policy Manager              >=16.1.0 <=16.1.5                                             -
F5 BIG-IP Access Policy Manager              >=15.1.0 <=15.1.10                                            -
F5 BIG-IP and BIG-IQ Centralized Management  >=17.1.0 <=17.1.1                                             17.1.2, 17.1.1.4
F5 BIG-IP and BIG-IQ Centralized Management  >=16.1.0 <=16.1.5                                             -
F5 BIG-IP and BIG-IQ Centralized Management  >=15.1.0 <=15.1.10                                            -
F5 BIG-IP and BIG-IQ Centralized Management  >=8.2.0 <=8.3.0                                               -
F5 F5OS                                      =1.7.0; >=1.5.1 <=1.5.2                                       1.8.0
F5 F5OS                                      >=1.6.0 <=1.6.2                                               1.8.0
Fortinet FortiADC                            >=7.4.0 <=7.4.5; >=7.2; >=7.1; >=7.0; >=6.2; >=6.1; >=6.0     -
Fortinet FortiAnalyzer                       >=7.4.0 <=7.4.5; >=7.2.0 <=7.2.9; >=7.0                       -
Fortinet FortiGuest                          >=1.2.0 <=1.2.1; >=1.1; >=1.0                                 -
Fortinet FortiManager                        >=7.6.0 <=7.6.1; >=7.4.0 <=7.4.5; >=7.2.0 <=7.2.9; >=7.0      -
Fortinet FortiOS IPS Engine                  >=7.4.0 <=7.4.5; >=7.2.0 <=7.2.10; >=7.0; >=6.4               -
Fortinet FortiProxy                          >=7.4.0 <=7.4.5; >=7.2; >=7.0                                 -
Fortinet FortiWeb                            >=7.4.0 <=7.4.4; >=7.2; >=7.0                                 -

("-" means the page lists no version range or no fixed release for that entry; consult the vendor advisory.)

Remedy

Disable RADIUS/UDP and RADIUS/TCP and carry RADIUS over TLS (RadSec, RFC 6614) or DTLS (RFC 7360) instead, so that the MD5-based Response Authenticator is no longer the only integrity protection on the wire. Where the plain transports cannot yet be retired, upgrade both RADIUS clients and servers to versions that send, and require, the Message-Authenticator attribute (RFC 2869) in every Access-Request and in every response; this HMAC-MD5 covers the whole packet and is not defeated by the collision. Turn on the server-side requirement only after every client that talks to that server has been updated, otherwise requests from unpatched clients will be dropped.
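As an added illustration (not code from this advisory or from any of the vendors listed), the following Python reconstructs the two integrity mechanisms that the description and the remedy above refer to: the RFC 2865 Response Authenticator, a plain MD5 over the response with the shared secret appended, which is the value the published collision attack targets, and the RFC 2869 Message-Authenticator, an HMAC-MD5 over the packet, which patched implementations require. It then compares a pre-fix client check (Response Authenticator only) with a hardened check (Response Authenticator plus a mandatory, valid Message-Authenticator). The shared secret, identifier, user name and Request Authenticator are constructed values; the collision itself is not reproduced, only the checks it has to pass.

```python
"""RADIUS integrity checks before and after the CVE-2024-3596 fix (illustrative, not vendor code)."""
import hashlib
import hmac
import struct

ACCESS_REQUEST, ACCESS_ACCEPT, ACCESS_REJECT = 1, 2, 3
ATTR_USER_NAME = 1
ATTR_MESSAGE_AUTHENTICATOR = 80  # RFC 2869 section 5.14
HEADER = struct.Struct("!BBH")   # Code, Identifier, Length; a 16-byte Authenticator follows


def encode_attrs(attrs):
    """Serialize (type, value) pairs as RADIUS TLVs (length counts the 2-byte header)."""
    return b"".join(struct.pack("!BB", t, len(v) + 2) + v for t, v in attrs)


def parse_attrs(body):
    """Return (type, value, offset_of_value_in_body) for each TLV; reject malformed lengths."""
    attrs, i = [], 0
    while i < len(body):
        if i + 2 > len(body):
            raise ValueError("truncated attribute header")
        t, length = body[i], body[i + 1]
        if length < 2 or i + length > len(body):
            raise ValueError("bad attribute length")
        attrs.append((t, body[i + 2:i + length], i + 2))
        i += length
    return attrs


def build_request(ident, req_auth, attrs, secret, with_msg_auth=True):
    """Access-Request. req_auth is the 16-byte Request Authenticator (random in real clients)."""
    if with_msg_auth:
        attrs = attrs + [(ATTR_MESSAGE_AUTHENTICATOR, bytes(16))]  # placeholder, filled in below
    body = encode_attrs(attrs)
    pkt = HEADER.pack(ACCESS_REQUEST, ident, 20 + len(body)) + req_auth + body
    if with_msg_auth:
        # HMAC-MD5 keyed with the shared secret over the whole packet with the MA value zeroed.
        pkt = pkt[:-16] + hmac.new(secret, pkt, hashlib.md5).digest()
    return pkt


def build_response(code, request, attrs, secret, with_msg_auth=True):
    """Access-Accept/Reject for `request`. The MA (if any) is filled before the Response Authenticator."""
    ident, req_auth = request[1], request[4:20]
    if with_msg_auth:
        attrs = attrs + [(ATTR_MESSAGE_AUTHENTICATOR, bytes(16))]
    body = encode_attrs(attrs)
    header = HEADER.pack(code, ident, 20 + len(body))
    if with_msg_auth:
        # RFC 2869: for responses the HMAC is taken with the *Request* Authenticator in the header slot.
        body = body[:-16] + hmac.new(secret, header + req_auth + body, hashlib.md5).digest()
    # RFC 2865 section 3: ResponseAuth = MD5(Code + ID + Length + RequestAuth + Attributes + Secret).
    # A plain hash with the secret appended, not a keyed MAC: this is what the chosen-prefix
    # collision in CVE-2024-3596 makes equal for an Access-Reject and a forged Access-Accept.
    resp_auth = hashlib.md5(header + req_auth + body + secret).digest()
    return header + resp_auth + body


def verify_response_legacy(request, response, secret):
    """Pre-fix client check: identifier match plus the MD5 Response Authenticator only."""
    if len(response) < 20 or response[1] != request[1]:
        return False
    expected = hashlib.md5(response[:4] + request[4:20] + response[20:] + secret).digest()
    return hmac.compare_digest(expected, response[4:20])


def verify_response_hardened(request, response, secret):
    """Post-fix client check: additionally require exactly one valid Message-Authenticator."""
    if not verify_response_legacy(request, response, secret):
        return False
    body = response[20:]
    try:
        mas = [(v, off) for t, v, off in parse_attrs(body) if t == ATTR_MESSAGE_AUTHENTICATOR]
    except ValueError:
        return False
    if len(mas) != 1 or len(mas[0][0]) != 16:
        return False  # a missing or duplicated MA is treated as a forgery, not as a legacy server
    value, off = mas[0]
    zeroed = body[:off] + bytes(16) + body[off + 16:]
    expected = hmac.new(secret, response[:4] + request[4:20] + zeroed, hashlib.md5).digest()
    return hmac.compare_digest(expected, value)


def demo():
    """Constructed exchange: the legacy verifier accepts an Accept without MA; the hardened one does not."""
    secret = b"constructed-shared-secret"   # constructed for this example only
    req_auth = bytes(range(16))             # fixed for reproducibility; use os.urandom(16) in practice
    request = build_request(7, req_auth, [(ATTR_USER_NAME, b"alice")], secret)
    accept_with_ma = build_response(ACCESS_ACCEPT, request, [], secret, with_msg_auth=True)
    accept_no_ma = build_response(ACCESS_ACCEPT, request, [], secret, with_msg_auth=False)
    # Naive tampering (flip Reject -> Accept) without a collision breaks the Response Authenticator;
    # the published attack succeeds only by colliding MD5, which the HMAC check still blocks.
    reject = build_response(ACCESS_REJECT, request, [], secret, with_msg_auth=False)
    tampered = bytes([ACCESS_ACCEPT]) + reject[1:]
    return {
        "legacy_accepts_no_ma": verify_response_legacy(request, accept_no_ma, secret),
        "hardened_accepts_no_ma": verify_response_hardened(request, accept_no_ma, secret),
        "hardened_accepts_with_ma": verify_response_hardened(request, accept_with_ma, secret),
        "legacy_accepts_tampered": verify_response_legacy(request, tampered, secret),
        "hardened_accepts_tampered": verify_response_hardened(request, tampered, secret),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name}: {result}")
```

Run it directly to print the five checks. The hardened verifier models the client-side "require Message-Authenticator" behaviour that patched stacks add for plain UDP/TCP transports; the RADIUS/TLS or RADIUS/DTLS remedy goes further by authenticating the whole transport, so the MD5 construction stops mattering for on-path attackers altogether.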


Frequently Asked Questions

  • What is the severity of CVE-2024-3596?

    CVE-2024-3596 has been categorized as a critical vulnerability affecting RADIUS implementations.

  • How do I fix CVE-2024-3596?

    To address CVE-2024-3596, apply the security patches listed above for your RADIUS clients and servers, enable the Message-Authenticator requirement once all peers are patched, and move RADIUS traffic to RADIUS/TLS or RADIUS/DTLS wherever possible.

  • Which products are affected by CVE-2024-3596?

    CVE-2024-3596 affects multiple products including Windows Server 2019, Windows 10, Windows Server 2008 R2, and various FreeRADIUS versions.

  • Is there a known exploit for CVE-2024-3596?

    Yes. The researchers who reported CVE-2024-3596 demonstrated a proof-of-concept attack in which an on-path attacker uses an MD5 chosen-prefix collision to turn a server's Access-Reject into an Access-Accept, bypassing authentication. It requires a man-in-the-middle position between the RADIUS client and server and the ability to compute the collision within the client's request timeout.

  • When was CVE-2024-3596 reported?

    This page records a first-published date of Wed Feb 07 2024. The vulnerability was reported through CERT/CC (cret@cert.org) by a research team that included Nadia Heninger of the University of California San Diego.

© 2025 SecAlerts Pty Ltd.