Chuyển động số

Vulnerability allows hackers to attack technology systems in Vietnam

The National Cyber ​​Security Monitoring Center (NCSC) under the Information Security Administration has sent a warning about the security vulnerability CVE-2022-1388 in the F5 BIG-IP product to the information technology unit. domestic.

Accordingly, on May 4, network and cloud security solutions provider F5 announced a vulnerability with code CVE-2022-1388 in their BIG-IP iControl REST product.

Vulnerability warning allows hackers to attack technology systems in Vietnam - Photo 1.

Illustration. (Source: NCSC).

This security vulnerability is assessed to have a serious impact that allows an unauthenticated attacker to execute arbitrary commands, create or delete files, disable services, take control system.

Preliminary assessment of NCSC shows that Vietnam currently has hundreds of information systems using F5 BIG-IP products to protect important web-based systems such as public services, financial systems. , data management system…

These systems, according to the NCSC representative, will be the target that hackers prioritize, thereby performing more dangerous attacks.

Therefore, the Information Security Administration recommends that units check and review information systems potentially affected by the above vulnerability and make plans for handling and remediation. In case affected by vulnerability CVE-2022-1388, units need to update the patch in time.

“The best remedy is to update the patch for the security hole according to the company’s instructions. If the patch cannot be updated, the unit needs to take alternative remediation steps to reduce the risk of being attacked. such as blocking iControl REST access via IP address, blocking iControl REST access through management interface, modifying BIG-IP httpd configuration,” NCSC expert guides.

In addition, the Department of Information Security also suggested that agencies, organizations and enterprises review the entire information system of their units, regularly check and evaluate to proactively detect and promptly handle them. time of security holes…

In case of necessity, agencies, organizations and enterprises can contact the support focal point of the Information Security Administration, which is the National Cybersecurity Monitoring Center at phone number 02432091616 and email [email protected].

You are reading the article Vulnerability allows hackers to attack technology systems in Vietnam
at – Source: – Read the original article here

Back to top button