Log4j zeroday vulnerability does not affect Nx Witness VMS and its services.

Dear users,

Last Friday the news came out that a serious vulnerability existed in Log4j, a widely used Java-based logging library developed by the Apache Software Foundation, and the internet was set on fire, since it enables code injection on the affected services.

We would like to inform you that the Nx Witness VMS suite, consisting of:

• Nx Witness Mediaserver
• Nx Witness Desktop Client
• Nx Mobile Client
• Nx WebAdmin
• Nx Cloud

Does not use JAVA, and this isn't vulnerable to the log4j zero-day exploit.

Online, many tools can be found to check your systems if they might be vulnerable for the log4j exploit, and in case of Nx Witness, a false positive might pop up as logs4js

log4js is used by JavaScript, a completely different programming language as JAVA, and JavaScript is not affected by the log4j zero-day exploit.

More information about this vulnerability can be found here: CVE-2021-44228