Germany’s federal cybersecurity watchdog, the BSI, on Saturday issued a red alert warning, its highest, on a flawed piece of widely-used software, saying it posed an “extremely critical threat” to web servers.
A vulnerability in a Java-based library known as Log4j can be exploited to allow a complete takeover of the affected system, the BSI said in a statement on its website.
“The reason for this assessment is the very wide distribution of the affected product and the associated impact on countless other products. The vulnerability is also easily exploitable, and a proof-of-concept is publicly available,” the BSI said.
“The BSI is aware of world- and Germany-wide mass scans as well as attempted compromises. Initial successful compromises are also being publicly reported,” it added.
The BSI said that although there was a security update for Log4j all products using it also needed to be adapted, recommending that companies and organisations implemented the measures outlined in the cyber security warning.
The team at Platform Executive hope you have enjoyed the ‘German cybersecurity watchdog issues red alert warning on software‘ article. Automatic translation from English to a growing list of languages via Google AI Cloud Translation. Initial reporting via our official content partners at Thomson Reuters. Reporting by Christoph Steitz. Editing by Raissa Kasolowsky.
You can stay on top of all the latest developments across the platform economy, find solutions to your key challenges and gain access to our problem-solving toolkit and proprietary databases by becoming a member of our growing community. For a limited time, our subscription plans start from just $16 per month.