Audinate Response to Apache Log4j Security Issue (CVE-2021-44228)
Affected Products / Versions: None known at this time.
Publication Date: 21 December 2021
Summary: Audinate products and services have no known exposure to the Apache Log4j security vulnerability (CVE-2021-44228) at this time. This FAQ will be updated if this situation changes.
Details: There have been recent concerns regarding the widespread exploitation of a critical remote code execution vulnerability (CVE-2021-44228) affecting Apache Log4j, a Java logging framework. Audinate has looked for and not identified the use of the Log4j library in any of our public products and services. Our investigation continues, but Audinate products and services have no known direct exposure to this vulnerability at this point in time.
Beyond Audinate’s core products and services, Audinate utilises software products & cloud services from a range of third parties across our business. We will continue to systematically evaluate these for exposure and take remediation action as appropriate.
Remediation: None necessary at this time. This FAQ will be updated if this situation changes.