New Blast-RADIUS attack breaks 30-year-old protocol used in networks everywhere

The widely used network protocol RADIUS is vulnerable to a recently discovered attack that could allow adversaries to gain control over a range of services, including industrial control systems, telecommunications, and enterprise networks. The vulnerability stems from the protocol’s reliance on the MD5 hash function, which has proven to be weak against attacker-induced collisions. Immediate patches are available for a short-term fix, while a working group is preparing longer-term solutions for the issue.