Are AMX devices susceptible to the Apache Log4j vulnerability (CVE-2021-4428) or other related Log4j vulnerabilities (CVE-2021-45046)?
A zero-day vulnerability was identified in the Apache Log4j logging software on Friday December 10th 2021 (CVE-2021-44228). A related log4j vulnerability was identified on Tuesday December 14th 2021 (CVE-2021-45046). These vulnerabilities could allow bad actors to take control of organizational networks.
AMX has assessed all products and services for usage of the Log4j logging software and has concluded that there is no risk of exposure to the Apache Log4j vulnerabilities described by CVE-2021-44228 or CVE-2021-45046.