Original release date: December 10, 2021
The Apache Software Foundation has released a security advisory to address a remote code execution vulnerability (CVE-2021-44228) affecting Log4j versions 2.0-beta9 to 2.14.1. A remote attacker could exploit this vulnerability to take control of an affected system. Log4j is an open-source, Java-based logging utility widely used by enterprise applications and cloud services.
CISA encourages users and administrators to review the Apache Log4j 2.15.0 Announcement and upgrade to Log4j 2.15.0 or apply the recommended mitigations immediately.
This product is provided subject to this Notification and this Privacy & Use policy.
Today, CISA released a Malware Analysis Report detailing the functionality of two sets of malware…
CISA released eight Industrial Control Systems (ICS) advisories on September 16, 2025. These advisories provide…
CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence…
CISA released eleven Industrial Control Systems (ICS) advisories on September 11, 2025. These advisories provide…
CISA released fourteen Industrial Control Systems (ICS) advisories on September 9, 2025. These advisories provide…
CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence…
This website uses cookies.