Recently, a new Java exploit (CVE-2021-44228) was discovered that enables bad actors to trick systems into downloading and executing malicious code. Ecessa products do not use Java or log4j and are not vulnerable to this issue. No action is required by our customers in regard to their Ecessa products.
What is Log4J?
Log4j is a java-based logging package used by developers to log errors. Due to the popularity of the log4j library, many major publishers and manufacturers have been assessing their software to determine whether it has been impacted or not. Big names like Amazon, Apple iCloud, Cisco, Cloudflare, ElasticSearch, Red Hat, Steam, Tesla, Twitter, and many others make use of the log4j library.
What This Means
Any application that relies on the impacted versions of the log4J library and is open to the public (typically a website or public facing SAS solution) is vulnerable. The vendor that created the application will have to provide a patch to address the vulnerability. Vendors are working quickly to provide such patches.
Blocking Exploit Attempts with Ecessa IDS/IPS
Ecessa’s built-in firewall can be used to block exploit attempts. See this documentation for set up instructions:
https://support.ecessa.com/hc/en-us/articles/4416574842637-CVE-2021-44228-Log4Shell
You’ll find more information about this vulnerability at the advisory source:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44228
CVE® is a list of publicly disclosed cybersecurity vulnerabilities.