A recent critical security vulnerability was discovered in a popular software library called Log4j used by many applications worldwide.
The security vulnerability is called Log4j2 (or Log4Shell) and is categorized as a “remote code execution” type. A malicious actor can execute code remotely and bypass common security controls, such as authentication or authorization within the target system or application.
On December 10, the Apache Foundation released a security update that resolves the critical vulnerability in the Java-based tool Apache Log4j.
At present, Telit hasn’t found any signs that we or our customers are at risk. We are monitoring the situation closely and are at the highest state of readiness in case the threat escalates.
For more details, please contact the Telit security team and select “Security” under “I Am Writing About.”