An Azure Virtual Network Gateway provides VPN (site-to-site / point-to-site) and ExpressRoute connectivity between an Azure VNet and on-premises or remote networks. It is the production network ingress/egress edge for hybrid connectivity.
A gateway is the trust boundary for a single VNet's hybrid/remote connectivity; control of it can expose or sever access to an entire private network and its hosted services.
Microsoft.Network/virtualNetworkGateways/listAllRadiusServersSecrets/action
Returns the RADIUS server shared secrets used for VPN authentication. This exposes reusable credential material that lets an attacker impersonate a party to the gateway/RADIUS trust relationship and pivot to the authentication backend.
Risks
Scope: CRITICAL
This privilege may grant access to sensitive data from a significant fraction of organizational functions or allow interruption of critical organizational services, or its exploitation could lead to significant privilege escalation.
Contributed by P0 Security