Number: AV21-640
Date: 15 December 2021
On 15 December 2021 ABB published a Security Advisory to investigate and address a critical vulnerability, tracked as CVE-2021-44228, which may affect multiple products using the Apache Log4j logging utility.
Exploitation of this vulnerability could lead to remote code execution.
The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates when available.
ABB Security Advisory
https://search.abb.com/library/Download.aspx?DocumentID=9ADB012621&LanguageCode=en&DocumentPartId=&Action=Launch
Apache Security Advisory (AV21-626)
https://cyber.gc.ca/en/alerts/apache-security-advisory-4
Active Exploitation of Apache Log4j Vulnerability (AL21-019)
https://cyber.gc.ca/en/alerts/active-exploitation-apache-log4j-vulnerability