Update 4 – Highly Critical Zero-Day Vulnerability Java Library Log4j (CVE-2021-44228)
16th December 2021
The analysis of the 3rd party products used in VIVAVIS projects, based on the information provided by the manufacturers, has yielded the following results (as of 13:00h today).
The 3rd party products used by VIVAVIS AG and affected by the vulnerability are embedded in a multi-level firewall architecture. These systems do not have direct connections to the Internet. Therefore, the risk of an attack on these products is considered low.
If you as a customer/user of the component HIGH-LEIT-AppServer or HIGH-LEIT-Netzmanagement / ACOS NMS Version 3.22.xx have not been contacted by us until today, please contact our Costumer Center immediately!
If you have further questions or need technical support, please feel free to contact our Costumer Center.
* VIVAVIS cannot assume liability for the abovementioned statements. The above statements are based on information received from the OEM manufacturers; despite utilizing best efforts to corroborate and validate said information, VIVAVIS cannot rule out that security issues might otherwise still exist.
Our RSS feed always keeps you up to date! This way, you’ll receive same-day notification when a new article has been posted to the IT Security Bulletin. Just enter the following link in your feed reader:
You can find out how to integrate the RSS feed into Outlook here.