Teltek has been made aware of a vulnerability flaw in Log4j. This could potentially affect some Teltek customers so we are proactively taking action to ensure your network remains secure.
What is the Log4j Vulnerability?
The flaw in Log4j, a Java library for logging error messages in applications, is the most high-profile security vulnerability on the internet right now and comes with a severity score of 10 out of 10.
The library is developed by the open-source Apache Software Foundation and is a key Java-logging framework., a remote code execution flaw in Log4j, was already being exploited in the wild, warnings have been issued by several national cybersecurity agencies, including the Cybersecurity and Infrastructure Security Agency (CISA) and the UK's National Cyber Security Centre (NCSC).
WHAT DEVICES AND APPLICATIONS ARE AT RISK?
Basically any device that's exposed to the internet is at risk if it's running Apache Log4J, versions 2.0 to 2.14.1. NCSC notes that Log4j version 2 (Log4j2), the affected version, is included in Apache Struts2, Solr, Druid, Flink, and Swift frameworks.
WHAT IS TELTEK DOING TO PROTECT YOU?
Please be aware no action on your part is required to protect your network or services. Teltek in is the process of scanning all networks, tools and third party software to ensure there Log4j logs, and that all devices have the latest updates and patches. We are also ensuring that the latest version of Apache is installed since it effectively kills Log4j.
There is no indication that any Teltek partner has been compromised. We will continue to perform security measures to ensure you remain unaffected.
If you have any questions, please contact firstname.lastname@example.org
Thank you for your continued partnership.