Friday , January 3 2025

Patch Now! Cisco Confirms Critical RADIUS Protocol Vulnerability

infosecbulletin Monday , July 29 2024 Vulnerabilities

Cisco has issued a security advisory (CVE-2024-3596) in the RADIUS protocol, which is widely used for network access authentication and authorization. This vulnerability could let an attacker bypass multi-factor authentication (MFA) and gain unauthorized network access.

The vulnerability is due to a problem in the MD5 Response Authenticator signature in the RADIUS protocol. An attacker with network access can exploit this to bypass authentication and gain unauthorized access to sensitive network resources.

Memory-Dump-UEFI
Researcher dumping memory to bypass BitLocker on Windows 11

By infosecbulletin / Thursday , January 2 2025
Researchers have demonstrated a method to bypass Windows 11’s BitLocker encryption, enabling the extraction of Full Volume Encryption Keys (FVEKs)...
Read More
Memory-Dump-UEFI Researcher dumping memory to bypass BitLocker on Windows 11

CVE-2024-49112
PoC Exploit Released for Zero-Click vulnerability in Windows

By infosecbulletin / Thursday , January 2 2025
SafeBreach Labs revealed a zero-click vulnerability in the Windows Lightweight Directory Access Protocol (LDAP) service, dubbed “LDAP Nightmare”. This critical...
Read More
CVE-2024-49112 PoC Exploit Released for Zero-Click vulnerability in Windows

Financial Threat Assessment 2024
BCSI marks Bangladeshi 28 banks high, 10 medium for cyber attack

By infosecbulletin / Tuesday , December 31 2024
Bangladesh Cyber Security Intelligence (BCSI) has published Financial Threat Assessment report for 2024. In an era where financial institutions and...
Read More
Financial Threat Assessment 2024 BCSI marks Bangladeshi 28 banks high, 10 medium for cyber attack

Misconfigured Kubernetes RBAC in Azure Airflow Could Expose Entire Cluster

By infosecbulletin / Tuesday , December 31 2024
Cybersecurity researchers have uncovered three security weaknesses in Microsoft's Azure Data Factory Apache Airflow integration that, if successfully exploited, could...
Read More
Misconfigured Kubernetes RBAC in Azure Airflow Could Expose Entire Cluster

US Treasury says it was hacked by China via third party: Beijing denies

By infosecbulletin / Tuesday , December 31 2024
The US Treasury Department said on Monday that Chinese-linked hackers were able to gain access to ‘unclassified documents’ after compromising...
Read More
US Treasury says it was hacked by China via third party: Beijing denies

PoC Exploited Released for Oracle Weblogic Server Vul

By infosecbulletin / Monday , December 30 2024
Security researchers have warned that a Proof-of-Concept (PoC) exploit has been publicly released for a critical vulnerability affecting Oracle WebLogic...
Read More
PoC Exploited Released for Oracle Weblogic Server Vul

Microsoft warn dev urgently to update .NET installer link

By infosecbulletin / Monday , December 30 2024
Microsoft is forcing .NET developers to quickly update their apps and developer pipelines so they do not use 'azureedge.net' domains...
Read More
Microsoft warn dev urgently to update .NET installer link

Look back; The Worst Hacks of 2024

By infosecbulletin / Monday , December 30 2024
In 2024, digital security experienced major breaches as cybercriminals and state-backed groups exploited vulnerabilities for large-scale attacks. These incidents were...
Read More
Look back; The Worst Hacks of 2024

HIPAA to be updated with new cybersecurity regulations, White House

By infosecbulletin / Sunday , December 29 2024
Proposed new cybersecurity rules for healthcare institutions will focus on how they protect user data under HIPAA, as stated by...
Read More
HIPAA to be updated with new cybersecurity regulations, White House

New NGate Trojan Drains Bank Accounts via ATMs

By infosecbulletin / Sunday , December 29 2024
Malware analysts at Doctor Web have identified new versions of the NGate banking trojan. This malware steals data from the...
Read More
New NGate Trojan Drains Bank Accounts via ATMs

Cisco has confirmed that a wide range of its products are affected by this vulnerability, including:

Network and Content Security Devices:

Adaptive Security Appliance (ASA) (CSCwk71992)
Firepower Device Manager (FDM) (CSCwk69454)
Firepower Management Center (FMC) Software (CSCwk71817)
Ezoic
Firepower Threat Defense (FTD) Software (CSCwk67902)
Identity Services Engine (ISE) (CSCwk67747)
Secure Email Gateway (CSCwk70832)
Secure Web Appliance (CSCwk70834)

Network Management and Provisioning:

Application Policy Infrastructure Controller (APIC) (CSCwk70836)
Crosswork Change Automation (CSCwk70850)
Nexus Dashboard (CSCwk70840)
Routing and Switching – Enterprise and Service Provider:
ASR 5000 Series Routers (CSCwk70831)
Catalyst SD-WAN Controller (CSCwk70854)

Unified Computing:

UCS Central Software (CSCwk71967)
UCS Manager (CSCwk70842)

Cisco has confirmed that the following products are not affected by this vulnerability:

Nexus Dashboard Insights
Secure Workload
Firepower 4100/9300 FXOS Firepower Chassis Manager
Secure Malware Analytics Appliance
Umbrella Active Directory (AD) Connector
Cisco Evolved Programmable Network Manager (EPNM)
DNA Spaces Connector
Policy Suite
Ultra Cloud Core – Policy Control Function
UCS B-Series Blade Servers
Various Aironet and Catalyst series access points and wireless LAN controllers

The Cisco Product Security Incident Response Team (PSIRT) is aware of proof-of-concept exploit code available for this vulnerability but has not detected any malicious exploitation in the wild.

Cisco advises customers to promptly apply the available patches for their affected products. There are no workarounds for this vulnerability.

Check Also

Oracle Weblogic Server

PoC Exploited Released for Oracle Weblogic Server Vul

Security researchers have warned that a Proof-of-Concept (PoC) exploit has been publicly released for a …

Leave a Reply

Your email address will not be published. Required fields are marked *

Mail: [email protected]
© Copyright 2025, All Rights Reserved InfoSecBulletin