HB Ad Slot
HB Mobile Ad Slot
CRITICAL ALERT: Log4Shell
Monday, December 13, 2021

We want to make our readers and your security operations aware of a critical vulnerability that is actively being exploited in the wild.

CVE-2021-44228 can easily be exploited to gain complete access to the targeted system by getting the application to log  a specially crafted string.

Government organizations and the private sector are responding to the disclosure of a critical vulnerability affecting the widely used Log4j logging utility, as exploitation attempts are on the rise.

Tracked as CVE-2021-44228 and dubbed Log4Shell — that can be exploited to gain complete access to the targeted system by getting the affected application to log a specially crafted string.

Palo Alto Networks has an analysis here.

The list of affected companies and software includes Apple, Tencent, Twitter, Baidu, Steam, Minecraft, Cloudflare, Amazon, Tesla, IBM, Pulse Secure, Ghidra, ElasticSearch, Apache, Google, Webex, LinkedIn, Oracle, Cisco and VMware. The list is being regularly updated.

HTML Embed Code
HB Ad Slot
HB Ad Slot
HB Mobile Ad Slot
HB Ad Slot
HB Mobile Ad Slot
 
NLR Logo
We collaborate with the world's leading lawyers to deliver news tailored for you. Sign Up to receive our free e-Newsbulletins

 

Sign Up for e-NewsBulletins