To secure the nation’s digital landscape, BGD e-GOV CIRT, the country’s national cyber security organization, has identified and issued warnings regarding seven critical vulnerabilities in the country's information infrastructure.
The notification signed by the BGD e-GOV CIRT Director Mohammad Saiful Alam Khan was issued on Thursday.
The notification was issued as part of the growing cyber risk after identifying dangerous threats following a week of monitoring.
The agency, responsible for overseeing cyber security, keeps alerting vendors and the public about potential threats to the digital ecosystem.
The CVEs (Common Vulnerabilities and Exposures) that are found in the seven vendors are F5 Networks, Apache, Juniper, Citrix, and three Altassian.
According to the notification, it was found that the highest CVSS (Common Vulnerability Scoring System) score was 10 in three cases. Among them, ‘Suspicious’ data has been detected in Apache server’s open wire protocol.
Equal scores were found in Atlassian’s two CVEs. Out of the remaining five, Juniper’s Junos OS is the most widely used F5 network in Bangladesh with a score of 9.8. Also found in Atlassian is remote code execution. And the rest of Citrix had a CVS score of 9.4 due to defects in its NetScaler ADC and Gateway.
With the highest CVSS score of 10 in three cases, including Apache and Atlassian vulnerabilities, the risks were promptly communicated to the respective vendors. Vendors are said to take immediate actions to update network systems and eliminate these vulnerabilities from the digital infrastructure.
In response to the growing cyber risk, CIRT has given a few pieces of advice to the vendors. These include, increasing overall cyber security efficiencies, taking initiatives to identify and mitigate vulnerable threats, investigating the root causes of vulnerabilities, conducting regular cyber security training, monitoring network communication logs of the last six months, and implementing Vulnerability Assessment and Penetration Testing (VAPT) regularly.
This proactive approach aims to enhance the nation’s cyber resilience and prevent potential cyber attacks. As Bangladesh takes steps to fortify its digital defenses, vigilance and collaborative efforts among stakeholders remain crucial for a secure cyber environment.
