In case you have not seen the media coverage concerning this issue or are curious how the blyCloud team is responding, we would like to make you aware of the situation and how we are mitigating. A security advisory has been released warning of a Zero Day exploit, the Apache LOG4j 2 (CVE-2021-44228) vulnerability, that impacts all software applications and devices (servers, network switches, etc.) running Java-based software, collectively referred to as “products”. The vulnerability can potentially allow execution of malicious code remotely that can result in taking control of the affected products.
The blyCloud team has been working through the weekend and is continuing to evaluate potentially affected products and taking corrective action while we await updates from our vendors. We will continue to provide you with updates as we receive them, promptly evaluate any fixes or workarounds released, and will contact you to address any of your systems affected by the vulnerability.