Security advisories

Critical Apache Zero-Day Vulnerability 

December 10, 2021 | 1 MIN READ

Speak With A Security Expert Now

TALK TO AN EXPERT

THE THREAT

On December 9th, security researchers released details and Proof-of-Concept (PoC) exploit code for Remote Code Execution vulnerability impacting the Apache Log4j Java-based logging library. The vulnerability is now tracked as CVE-2021-44228 (CVSS: 10); exploitation will allow a remote and unauthenticated threat actor to take control of systems with vulnerable versions of Apache Log4j.

There are reports of ongoing exploitation of CVE-2021-44228 in the wild. eSentire has observed exploitation attempts as of December 10th, 2021. Organizations are strongly recommended to ensure security patches are deployed or alternative mitigations are enabled.

What we’re doing about it

What you should do about it

Additional information

CVE-2021-44228 is alternatively known as Log4Shell or LogJam and impacts systems with Log4j 2.0-beta9 up to 2.14.1.

This vulnerability is highly concerning as impacted versions of Apache Log4j Java-based logging library are widely used in a variety of products. Confirmed impacted platforms include cloud services such as Steam and Apple iCloud, applications such as Minecraft, and Apache frameworks including Apache Struts2, Apache Solr, Apache Druid, and Apache Flink. Vendor products including vulnerable Log4j versions will be required to release security updates. The impacted product list will expand as vendors address this issue.

References:

[1] https://nvd.nist.gov/vuln/detail/CVE-2021-44228
[2] https://www.cyberkendra.com/2021/12/worst-log4j-rce-zeroday-dropped-on.html

View Most Recent Advisories