This advisory is the eduroam response to the attack “Blast!RADIUS – RADIUS/UDP considered harmful” as published on 09 July 2024 at https://blastradius.fail .

Readers are encouraged to read the FAQs on that website and https://www.inkbridgenetworks.com/blastradius/faq prior to reading the details of this advisory.

Conclusions:

• govroam authentications are NOT affected by this attack.

This eduroam PDF applies equally to govroam:

https://eduroam.org/wp-content/uploads/2024/07/eduroam-blast-vulnerability.pdf