ICS Vendors Respond to Log4j Vulnerabilities

From securityweek.com

ICS vendor responses to Log4j vulnerabilities

SecurityWeek has compiled a list of the advisories published by industrial control system (ICS) and other industrial-related vendors in response to the recent Log4j vulnerabilities.

Several vulnerabilities have been discovered in the Log4j logging utility since early December, but the most important of them is CVE-2021-44228, which has been dubbed Log4Shell. Log4Shell has been exploited in many attacks by cybercriminals and state-sponsored threat actors, including against industrial organizations.

Major companies that provide industrial services and solutions have released advisories to inform customers about the impact of the Log4j vulnerabilities. This article presents the information that is currently available from vendors, but their advisories may be updated with additional impacted products or versions.

Read more…