Information about a reported IT vulnerability Apache Log4j

ADVISORY STATUS: UNDER INVESTIGATION

 

DATE: December 22, 2021

 

OVERVIEW

ASSA ABLOY Opening Solutions Americas are actively investigating the vulnerability of the commonly used Java logging utility Apache Log4j, disclosed on December 9, 2021.
The investigation follows our security incident response policy to identify affected products, IT systems, and third-party systems and determine mitigation measures.

Upon learning about Apache Log4j, ASSA ABLOY Opening Solutions Americas immediately initiated an investigation assessing any potential implications for our customers. At this time, we have cleared all vulnerabilities from affected products in Opening Solutions Americas, with the exception of self-hosted Medeco CLIQ web manager applications - please click the link below for more information. We will continue to monitor the situation and update this advisory if it changes.

Security remains central to everything we do as a company, and we are constantly monitoring our operations and procedures and taking measures to protect our IT systems.

Medeco CLIQ Log4j