Hitachi Energy Patches a Blast-RADIUS Flaw in FOX61x
Take action: First, make sure your industrial network is isolated from the internet and accessible only from trusted networks. Then plan a patch for your Hitachi FOX61x devices and your RADIUS servers.
Learn More
CISA and Hitachi Energy report a patch of a critical flaw in its FOX61x communication platform, caused by the "Blast-RADIUS" vulnerability in the RADIUS protocol.
The flaw is tracked as CVE-2024-3596 (CVSS score 9.0) - an improper enforcement of message integrity vulnerability in the RADIUS protocol (RFC 2865) that allows for packet forgery.
Attackers can perform a chosen-prefix collision attack against the MD5 Response Authenticator signature to transform an Access-Reject response into an Access-Accept response. By intercepting and modifying these packets in transit, an unauthenticated attacker can gain full unauthorized access to the device management interface. This exploit defeats the protocol's integrity checks by exploiting the predictable nature of MD5-based signatures without needing the shared secret.
The vulnerability affects several versions of the Hitachi Energy FOX61x platform. FOX61x version R18 and all versions including and prior to R17A are known to be affected.
Hitachi Energy recommends that users update to FOX61x R18 and enable the 'RADIUS Message-Authenticator' option on both the device and the RADIUS server.
If an immediate upgrade is not possible, administrators should segment management traffic to isolate the devices from broader networks.
