FG-IR-24-255: RADIUS Protocol CVE-2024-3596
First published: Tue Aug 13 2024(Updated: )
A fundamental design flaw within the RADIUS protocol has been proven to be exploitable, compromising the integrity in the RADIUS Access-Request process. The attack allows a malicious user to modify packets in a way that would be indistinguishable to a RADIUS client or server. To be successful, the attacker must have the ability to inject themselves between the client and server.
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Fortinet FortiADC | =. | |
| Fortinet FortiADC | >=7.4.0<=7.4.5 | |
| Fortinet FortiADC | >=7.2 | |
| Fortinet FortiADC | >=7.1 | |
| Fortinet FortiADC | >=7.0 | |
| Fortinet FortiADC | >=6.2 | |
| Fortinet FortiADC | >=6.1 | |
| Fortinet FortiADC | >=6.0 | |
| Fortinet FortiAnalyzer | =. | |
| Fortinet FortiAnalyzer | >=7.4.0<=7.4.5 | |
| Fortinet FortiAnalyzer | >=7.2.0<=7.2.9 | |
| Fortinet FortiAnalyzer | >=7.0 | |
| Fortinet FortiGuest | =. | |
| Fortinet FortiGuest | >=1.2.0<=1.2.1 | |
| Fortinet FortiGuest | >=1.1 | |
| Fortinet FortiGuest | >=1.0 | |
| Fortinet FortiManager | >=7.6.0<=7.6.1 | |
| Fortinet FortiManager | >=7.4.0<=7.4.5 | |
| Fortinet FortiManager | >=7.2.0<=7.2.9 | |
| Fortinet FortiManager | >=7.0 | |
| Fortinet FortiOS IPS Engine | =. | |
| Fortinet FortiOS IPS Engine | >=7.4.0<=7.4.5 | |
| Fortinet FortiOS IPS Engine | >=7.2.0<=7.2.10 | |
| Fortinet FortiOS IPS Engine | >=7.0 | |
| Fortinet FortiOS IPS Engine | >=6.4 | |
| Fortinet FortiProxy | >=7.4.0<=7.4.5 | |
| Fortinet FortiProxy | >=7.2 | |
| Fortinet FortiProxy | >=7.0 | |
| Fortinet FortiWeb | =. | |
| Fortinet FortiWeb | >=7.4.0<=7.4.4 | |
| Fortinet FortiWeb | >=7.2 | |
| Fortinet FortiWeb | >=7.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of FG-IR-24-255?
FG-IR-24-255 has been identified as a critical vulnerability due to its potential to exploit the RADIUS protocol and compromise data integrity.
How do I fix FG-IR-24-255?
To remediate FG-IR-24-255, ensure your FortiADC, FortiGuest, and FortiProxy are updated to the latest recommended versions as specified in the advisory.
Which products are affected by FG-IR-24-255?
FG-IR-24-255 affects various versions of Fortinet products, including FortiADC, FortiGuest, and FortiProxy.
What is the nature of the exploitation for FG-IR-24-255?
FG-IR-24-255 allows attackers to modify RADIUS packets in a way that goes undetected by the RADIUS client or server.
What should I do if I am using vulnerable versions of Fortinet products related to FG-IR-24-255?
If using vulnerable versions of Fortinet products, it is crucial to update to the patched versions immediately to mitigate risks associated with FG-IR-24-255.
- collector/fortiguard-psirt-latest
- source/FortiGuard
- alias/CVE-2024-3596
- agent/source
- agent/type
- agent/last-modified-date
- agent/title
- agent/references
- agent/severity
- agent/description
- agent/first-publish-date
- agent/softwarecombine
- agent/tags
- agent/event
- collector/fortiguard-psirt
- agent/software-canonical-lookup
- vendor/fortinet
- canonical/fortinet fortiadc
- version/fortinet fortiadc/.
- version/fortinet fortiadc/7.4.0
- version/fortinet fortiadc/7.4.5
- version/fortinet fortiadc/7.2
- version/fortinet fortiadc/7.1
- version/fortinet fortiadc/7.0
- version/fortinet fortiadc/6.2
- version/fortinet fortiadc/6.1
- version/fortinet fortiadc/6.0
- canonical/fortinet fortianalyzer
- version/fortinet fortianalyzer/.
- version/fortinet fortianalyzer/7.4.0
- version/fortinet fortianalyzer/7.4.5
- version/fortinet fortianalyzer/7.2.0
- version/fortinet fortianalyzer/7.2.9
- version/fortinet fortianalyzer/7.0
- canonical/fortinet fortiguest
- version/fortinet fortiguest/.
- version/fortinet fortiguest/1.2.0
- version/fortinet fortiguest/1.2.1
- version/fortinet fortiguest/1.1
- version/fortinet fortiguest/1.0
- canonical/fortinet fortimanager
- version/fortinet fortimanager/7.6.0
- version/fortinet fortimanager/7.6.1
- version/fortinet fortimanager/7.4.0
- version/fortinet fortimanager/7.4.5
- version/fortinet fortimanager/7.2.0
- version/fortinet fortimanager/7.2.9
- version/fortinet fortimanager/7.0
- canonical/fortinet fortios ips engine
- version/fortinet fortios ips engine/.
- version/fortinet fortios ips engine/7.4.0
- version/fortinet fortios ips engine/7.4.5
- version/fortinet fortios ips engine/7.2.0
- version/fortinet fortios ips engine/7.2.10
- version/fortinet fortios ips engine/7.0
- version/fortinet fortios ips engine/6.4
- canonical/fortinet fortiproxy
- version/fortinet fortiproxy/7.4.0
- version/fortinet fortiproxy/7.4.5
- version/fortinet fortiproxy/7.2
- version/fortinet fortiproxy/7.0
- canonical/fortinet fortiweb
- version/fortinet fortiweb/.
- version/fortinet fortiweb/7.4.0
- version/fortinet fortiweb/7.4.4
- version/fortinet fortiweb/7.2
- version/fortinet fortiweb/7.0