A zero-day vulnerability in the widely used Java library “Log4j” became known at the end of last week. The vulnerability is classified as critical because the library is built into very many Java applications. In addition, the vulnerability allows an attacker to remotely execute arbitrary code (“Remote Code Execution” – RCE). The vulnerability is already being actively exploited by cybercriminals to infect vulnerable systems with malware.
Source admin.ch, further information: Critical vulnerability in Java library«Log4j» (admin.ch)
Our specialists have checked our applications for vulnerability due to this weakness.
Our software solutions are not affected by the “Log4j” vulnerability.
The cloud solutions operated by 1ClickFactory are also not affected by the security vulnerability.