You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
md5 vulnerability
About this tag
The md5 vulnerability tag covers discussions about CVE-2024-3596, a high-severity RADIUS protocol forgery issue affecting Hitachi Energy XMC20 and FOX61x devices. The vulnerability allows an on-path attacker to forge RADIUS responses by exploiting a chosen-prefix collision attack against the MD5-based Response Authenticator. Mitigation involves enabling RADIUS Message-Authenticator verification on both the device and RADIUS servers, along with applying vendor firmware updates. These threads focus on enterprise network equipment and security hardening steps for RADIUS authentication.
Hitachi Energy has confirmed that certain XMC20 multiservice communication platforms are exposed to a high‑severity RADIUS protocol forgery—tracked as CVE‑2024‑3596—when the devices are configured to use remote RADIUS authentication, and it is urging operators to enable RADIUS...
Hitachi Energy has confirmed that certain FOX61x devices are affected by a critical RADIUS protocol vulnerability (tracked as CVE‑2024‑3596) that allows an on‑path attacker to forge RADIUS responses by exploiting a chosen‑prefix collision attack against the MD5‑based Response Authenticator...