The Cybersecurity and Infrastructure Security Agency (CISA) has ordered federal agencies to patch systems against the critical Log4Shell vulnerability and released mitigation guidance in response to active exploitation.
This follows threat actors’ head start in scanning for and exploiting Log4Shell-vulnerable systems to deploy malware.
Although Apache quickly released a patch for the maximum-severity remote code execution flaw (CVE-2021-44228) targeted by exploits publicly released on Friday, the patch arrived only after attackers had begun deploying the exploits in the wild.
Since Apache Log4j is a ubiquitous dependency for enterprise applications and websites, it’s highly likely that its ongoing exploitation will eventually lead to widespread attacks and malware deployment.
We have also published an article with a list of vulnerable products and vendor advisories and more information on the Log4Shell vulnerability.