Last Friday the news came out that a serious vulnerability existed in Log4j, a widely used Java-based logging library developed by the Apache Software Foundation, and the internet was set on fire, since it enables code injection on the affected services.
We would like to inform you that the Nx Witness VMS suite, consisting of:
- Nx Witness Mediaserver
- Nx Witness Desktop Client
- Nx Mobile Client
- Nx WebAdmin
- Nx Cloud
Does not use JAVA, and this isn't vulnerable to the log4j zero-day exploit.
Online, many tools can be found to check your systems if they might be vulnerable for the log4j exploit, and in case of Nx Witness, a false positive might pop up as logs4js
More information about this vulnerability can be found here: CVE-2021-44228
Post is closed for comments.