FortiDDoS
Rajashekar
Staff
Article Id 341851
Description This article describes how to address RADIUS Protocol Vulnerability CVE-2024-3596 (commonly known as Blast-RADIUS) on the FortiDDoS-F series.
Scope FortiDDoS-F Series (fixed in v7.0.3, v6.6.4 and above).
Solution

FortiDDoS is not susceptible to CVE-2024-3596 if the Message-Authenticator attribute is configured as below:

In the FortiDDoS CLI, under RADIUS authentication:

config system authentication radius
    set require-msg-auth
end

 

Note:

 Fixed in v7.0.3, v6.6.4 and above.
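
What requiring the Message-Authenticator attribute means for a RADIUS client, as an added example (not Fortinet's code and not part of the original article): a reply is accepted only if it carries the attribute and its HMAC-MD5, keyed with the shared secret, verifies. The function names, the shared secret and the sample packets are constructed for illustration, and the separate Response Authenticator check is left out.

```python
import hashlib
import hmac
import struct

MSG_AUTH = 80  # Message-Authenticator attribute type (RFC 2869)


def find_attrs(packet, wanted):
    """Return (packet length, [(value offset, value length)]) for `wanted` attributes."""
    end = struct.unpack("!H", packet[2:4])[0]
    if not 20 <= end <= len(packet):
        raise ValueError("bad RADIUS length field")
    pos, hits = 20, []
    while pos < end:
        if pos + 2 > end or packet[pos + 1] < 2 or pos + packet[pos + 1] > end:
            raise ValueError("bad attribute length")
        if packet[pos] == wanted:
            hits.append((pos + 2, packet[pos + 1] - 2))
        pos += packet[pos + 1]
    return end, hits


def response_is_authentic(packet, request_auth, secret):
    """True only if the reply carries exactly one valid Message-Authenticator."""
    if len(packet) < 20 or len(request_auth) != 16:
        return False
    try:
        end, hits = find_attrs(packet, MSG_AUTH)
    except ValueError:
        return False
    if len(hits) != 1 or hits[0][1] != 16:
        return False  # an absent attribute is rejected, never skipped
    off = hits[0][0]
    data = bytearray(packet[:end])
    data[4:20] = request_auth       # HMAC covers the Request Authenticator
    data[off:off + 16] = bytes(16)  # and a zeroed Message-Authenticator value
    expected = hmac.new(secret, bytes(data), hashlib.md5).digest()
    return hmac.compare_digest(packet[off:off + 16], expected)


def make_accept(ident, request_auth, secret, with_msg_auth):
    """Constructed Access-Accept (code 2) used as sample input."""
    attrs = bytes([MSG_AUTH, 18]) + bytes(16) if with_msg_auth else b""
    attrs += bytes([18, 4]) + b"ok"  # Reply-Message attribute
    pkt = bytearray(struct.pack("!BBH", 2, ident, 20 + len(attrs)) + request_auth + attrs)
    if with_msg_auth:
        pkt[22:38] = hmac.new(secret, bytes(pkt), hashlib.md5).digest()
    pkt[4:20] = hashlib.md5(bytes(pkt) + secret).digest()  # Response Authenticator
    return bytes(pkt)
```
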

 

Related article: 

Technical Tip: FortiDDoS commands to open a new ticket to TAC