Spring4Shell vulnerability in the web application writing toolkit has the potential to pose a risk of large-scale cyber attacks in the near future in Vietnam.
The forecast of the risk of attack through the Spring4Shell vulnerability was sent by the Information Security Department – the Ministry of Information and Communications to specialized information technology units in Vietnam. In particular, the Spring4Shell vulnerability is rated at a high level of danger, has not been patched, and the exploit code has been distributed on the Internet. If the exploit is successful, an attacker can remotely execute code and take control of the system.
“With the exploit code published on the Internet, this vulnerability will be exploited by targeted attack groups (APTs) to carry out large-scale attacks in the near future,” the Monitoring Center said. National Cyber Security Survey (NCSC) forecast.
NCSC also said that, in fact, “detected signs of scanning and testing” into some information technology systems of agencies and organizations in Vietnam through the aforementioned vulnerability.
The Spring4Shell vulnerability exists in Spring Core – a core component in the Spring Framework open source code, which is commonly used in web applications today. About 50% of products written in Java use Spring Core. This vulnerability is also evaluated more dangerous than Log4Shell – one of the biggest vulnerabilities of the decade was discovered at the end of 2021.
Page BleepingComputer also confirmed the status of Spring4Shell vulnerability being exploited in many recent attacks. The experts of this security site said that exploiting Spring4Shell requires a simple http command. So an attacker can create scripts that automatically scan the Internet for vulnerable servers.
While waiting for the patch to be released, it is recommended that information systems take a number of measures to reduce the risk of being hacked. According to NCSC, systems need to be tested, reviewed and verified whether the system uses Spring Core or not. If affected, units can upgrade their applications and related components, and at the same time strengthen monitoring and ready solutions when detecting signs of network exploitation and attacks.
Luu Quy
at Blogtuan.info – Source: vnexpress.net – Read the original article here
