Last week, the world learned of a critical security threat through a popular java package called Log4j. The FIN Framework platform is generally not affected, one connector is under investigation.
A critical security vulnerability was identified in the Apache Log4j library. Log4j is an open-source logging utility used in many Java applications. The security flaw could allow remote unauthenticated attackers to execute code on vulnerable systems.
We thoroughly analyzed our product portfolio, and we firmly concluded that the flaw does not affect our general platform. Only one connector which needs to be activated separately and has only been implemented in a few projects worldwide might pose a risk. Customers affected have been addressed separately via E-Mail.
For more information regarding the vulnerability, please follow Siemens CERT here.
B. Scott Muench
Scott joined J2 Innovations as a partner in 2011, and is now Vice President of Customer Experience. He has a wide range of responsibilities including evangelism, business development, training, and operational excellence. Scott is well known as an industry expert in smarthomes and smart buildings. He is a past president of ASHRAE, and is currently a board member for Project Haystack. Scott attended Clarkson University for Mechanical Engineering and graduated with a BS/Business in Organizational Innovation.
View all articles
