Issue
- Blast-RADIUS (CVE-2024-3596) is a vulnerability in ESET Secure Authentication (ESA) that affects the RADIUS protocol.
Solution
On August 20, 2024, ESET released a hotfix to address RADIUS vulnerability CVE-2024-3596. RADIUS is a common protocol used for authentication, authorization, and accounting for networked devices on enterprise and telecommunication networks.
Apply the following settings in ESA to mitigate your risk:
In the RADIUS Servers configuration screen, click Attributes.
If your RADIUS client supports the Message-Authenticator attribute, in the Built-in attributes section, select the check box next to Require Message-Authenticator attribute.
Figure 1-1