Critical vulnerability in Apache Log4j discovered

Millions of Java applications use this library to log error messages, and attackers are already actively exploiting this vulnerability. For this reason, the Apache Foundation recommends that all developers update the library to version 2.15.0 and, if that is not possible, use one of the mitigations described on the Apache Log4j Security Vulnerabilities page.

The vulnerability, tracked as CVE-2021-44228 and also known as Log4Shell or LogJam, is a Remote Code Execution (RCE) vulnerability. If attackers manage to exploit it on a server, they gain the ability to execute arbitrary code and potentially take full control of the system. What makes CVE-2021-44228 especially dangerous is the ease of exploitation: even an inexperienced hacker can successfully carry out an attack using this vulnerability.

Working proof-of-concept (PoC) exploits for attacks via CVE-2021-44228 are already available on the Internet. It is therefore not surprising that cybersecurity companies are already registering massive network scans for vulnerable applications as well as attacks on honeypots.

Apache Log4j is part of the Apache Logging Project. By and large, using this library is one of the easiest ways to log errors, which is why most Java developers use it. Many software companies and online services use the Log4j library, including Amazon, Apple iCloud, Cisco, Cloudflare, ElasticSearch, Red Hat, Steam, Tesla, Twitter, and many more. Because the library is so popular, some information security researchers expect a significant increase in attacks on vulnerable servers over the coming days.
