Blast-RADIUS: Breaking RADIUS, the de facto Standard Protocol for Authentication, Authorization and Accounting for Networked Devices

Discover the Blast-RADIUS vulnerability in this 32-minute Black Hat conference talk that exposes critical security flaws in RADIUS, the widely-used protocol for authentication and authorization. Learn how this vulnerability allows man-in-the-middle attackers to authenticate themselves to devices using RADIUS, affecting network routers, industrial control systems, VPNs, enterprise Wi-Fi networks (including Eduroam), Linux Pluggable Authentication Modules, and mobile roaming services. Understand which deployments are vulnerable, particularly those running RADIUS over UDP within enterprise networks or across the public Internet, and which configurations remain secure (those using EAP authentication or RADIUS over TLS). Presented by security researcher Miro Haller, this briefing provides essential insights for network security professionals responsible for systems utilizing RADIUS authentication.