Risk of cyber attacks on Vietnamese systems from vulnerabilities in WSO2 products

The risk of cyberattacks on Vietnamese systems from the security flaw CVE-2022-29464 in WSO2’s products has just been warned by the Information Security Department, the Ministry of Information and Communications to the specialized IT units of ministries, sectors, local; state corporations and corporations; banks, financial institutions; and a system of specialized information security units.

The Information Security Administration said that on April 1, WSO2 announced a security vulnerability CVE-2022-29464 (WSO2-2021-1738) affecting WSO2 products including WSO2 API Manager, WSO2 Identity Server, WSO2 Enterprise Integrator. This vulnerability has a CVSS score of 9.8 (Severe), allowing an attacker to upload arbitrary files to a server from which to remotely execute code.

WSO2 provides open source software products that are commonly used by organizations with large-scale information systems as a centralized data sharing solution. Therefore, according to the preliminary assessment of the National Cyber ​​Security Monitoring Center (NCSC), the Information Security Administration, the impact of this vulnerability is very large.

Experts from the National Cybersecurity Monitoring Center also added that currently, through the professional system, the Center has recorded many systems affected by the vulnerability CVE-2022-29464.

In the case of being affected by vulnerability CVE-2022-29464, organizations need to upgrade their software to the latest version or implement alternative remedies to reduce the risk of attack. (Artwork: Internet).

In order to ensure information security for the unit’s information system, contributing to ensuring the safety of Vietnam’s cyberspace, the Information Security Administration recommends agencies, organizations and businesses to check and review control and verify information systems using WSO2 products. If affected, the unit should upgrade to the latest version or implement alternative remedies to reduce the risk of attack.

Agencies, organizations and businesses also need to strengthen supervision and be ready to deal with signs of being exploited or hacked; at the same time, regularly monitor the warning channels of authorities and large organizations on information security to promptly detect cyberattack risks.

In case of needing support, agencies, organizations and enterprises can contact the support focal point of the Information Security Administration, which is the National Cyber ​​Security Monitoring Center (NCSC) by phone number: 02432091616 and email address

In an earlier sharing with ICTnews, a representative of the Information Security Department said: The patch update to fix weaknesses and vulnerabilities on software, products or information systems of current agencies and organizations has now been of interest. In addition, the Information Security Administration has continuously warned organizations and businesses in many forms.

However, the time from when the security hole is made public on the network until the hacker attacks exploit the information system through these vulnerabilities is very short. “Therefore, agencies and units need to increase the speed of updating information about patches to promptly act before the vulnerability is exploited, along with more drastic communication about the risk and level of danger. of attacks through these vulnerabilities, so that investors as well as users are interested in and better understand the security situation for products and services in use.“, the representative of the Information Security Department noted.