Over the weekend, a high severity security vulnerability in the Java-based log4j logging framework (CVE-2021-44228) was reported and is actively exploited. This exploit is also known as “log4shell” and provides a vector for remote code execution.
Security is a top priority at MPS Monitor, so we have been actively reviewing our infrastructure to assess our exposure to this vulnerability and ensure we continue to maintain a secure environment for you and your customers.
As a result of this full and extensive assessment, we can state that MPS Monitor does not have of any risk coming from this vulnerability.
More in details:
On those applications, we have checked extensively, and we can confirm that the Log4J version we use is not among those affected by the vulnerability.
We have also checked that the classes and functions that can be exploited by the vulnerability are not present in any of the Embedded versions currently distributed nor in previous versions.
So, we can officially state that CVE-2021-44428 does not affect in any way the security of the MPS Monitor system. There is no action needed from you nor from MPS Monitor because of this vulnerability.
If you are using MPS Monitor to manage your customer’s printing devices, you can forward this message to them and give them full peace of mind on the level of security that your remote management system provides.
If you wish to know more about MPS Monitor’s overall security posture, please read the Keypoint Intelligence MPS Platform Security White Paper: https://www.mpsmonitor.com/docs/MPSMonitor_PlatformSecurity.pdf
New features and solutions now available, visit our site and Request a Demo to find out more.