Serious vulnerability in common software Log4j

A serious vulnerability been discovered in Log4J, a common software that is in general use. Log4j (CVE2021-44228) is an open-source Java logging library and is part of the Apache environment.

More information can be found here.

In accordance with Hugvit’s procedures (ISO 27001), Hugvit’s experts began to analyze the situation as soon as a notification was received to respond and find solutions with the aim of eliminating this threat.

At this point, there are no indications that updates to Hugvit’s GoPro Foris systems are needed due to these vulnerabilities, but if vulnerabilities are identified during further review, they will be addressed.

The risks associated with these security vulnerabilities will continue to be identified, including those who use other technologies (JAVA) and come up with updates or recommendations, if needed.

We are in good communication with our suppliers regarding this issue and will work on solutions in collaboration with them.