A logging tool, Log4j is vulnerable to the following issues: CVE-2017-5645, CVE-2020-9488, CVE-2021-44228, CVE-2021-44832, CVE-2021-45046, and CVE-2021-45105. For the detailed information of these vulnerabilities, please refer to the Description section of the Apache Log4j Security Vulnerabilities page.
At the time of publication, none of Moxa’s products are affected by these vulnerabilities.
Moxa's Product Security Incident Response Team (PSIRT) will keep monitoring the situation and if there are any updates to the status of the vulnerability that affects Moxa's products, we will provide an update immediately.