ScopServ is aware of the Apache log4j vulnerability and has completed verification that this issue does not affect ScopTEL products or services.
Log4j is a java addon, no ScopTEL code is written in Java.
On December 9th 2021, Apache published a zero-day vulnerability (CVE-2021-44228) for Apache Log4j being referred to as “Log4Shell”. This vulnerability has been classified as “Critical” with a CVSS score of 10, allowing for Remote Code Execution with system-level privileges.
When exploited, this vulnerability allows an attacker to run arbitrary code on the device, giving full control over to the attacker. Any device exploited should be considered compromised, potentially along with any devices that trusted the compromised device.