Introduction
We've been investigating the 0-day vulnerability issue since it has been exposed and published by several cyber-security companies. In this article, we will explain the way Monitors AnyWhere systems are affected by this vulnerability.
Monitors AnyWhere Connect and MAWi
We can confirm that we are using LOG4NET libraries in our software (Monitors AnyWhere Connect & MAWi), which is a port of the LOG4J, but according to many knowledge sources, and consulting our cyber-security consultant, the vulnerability doesn't affect our software.
You can read more about it here:
Online Monitors AnyWhere
The Online Monitors AnyWhere application does not use Java and therefore does not use Log4J. It is therefore not possible for unauthorized parties, use this vulnerability, to gain access to the servers that run the application or the information that our customers manage.
We are, just as you, investigating with our suppliers to make sure that the applications that we use from them are not vulnerable to the Log4J security flaws in order to ensure that our organization and the information that we manage are not compromised in any way.