On December 9 and 14, 2021, two vulnerabilities in Apache's Log4j software library, collectively referred to as "Log4Shell," were published as CVE-2021-44228 and CVE-2021-45046. These CVEs impact all unpatched versions of Log4j from 2.0-beta9 to 2.15.0-rc2.

We have audited our systems and found our Nexio product line does not use the affected software library, and our Slyce product line does not use the affected versions of this library. No remediation action is required by Nexio or Slyce customers and partners.

Despite this, we have been monitoring developments regarding the Log4Shell vulnerabilities since they were initially disclosed and have configured our perimeter security devices to block any related scanning or exploit attempts. Additionally, we continuously monitor our internal environment for this, as well as other known vulnerabilities.

If you have additional questions please contact us at 1-801-623-4000