A zero-day vulnerability in Apache logging library Log4j found the CISOs leading the charge to update and patch systems or put in place a manual mitigation. The exploit leaves some of the world's most popular applications and services vulnerable to attack.
An unethical hacker with knowledge and access could use this vulnerability and target servers using this logging capability with remote code execution on servers.
Fortalice advises all clients to take the Log4J vulnerability seriously. It's the highest severity score on the charts and a CISO cannot remediate alone. This explainer covers the issue and priority steps for organizations to take.