First published: 21 Dec 2021
Last updated: 21 Dec 2021

Content written for: Individuals & families; Small & medium business; Large organisations & infrastructure; Government

A remote code execution vulnerability (CVE-2021-44228) has been identified in the Log4j library, one of the most widely used Java-based logging utilities globally.

The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) has published an alert about the vulnerability with detailed advice.

The ASD's ACSC has seen large volumes of reconnaissance scans by malicious actors attempting to find Australian entities affected by the Log4j vulnerability. Multiple attackers are exploiting this flaw in Australia and globally, and the ASD's ACSC is aware of around 400 vendors who may use the Log4j library.

The ASD's ACSC is working with a significant number of victims and affected vendors across all sectors of the economy.

Affected Australian organisations should update to the latest available patch for all affected products and continue to monitor for new patches as they become available.

Advice and mitigations are available for all Australian organisations, and the ASD's ACSC National Hotline 1300 CYBER1 (1300 292 371) is able to provide assistance as required.

Read the full Assistant Minister for Defence media release.
