You may have seen recent news about a “Critical vulnerability” in the popular Log4j logging library being reported ((CVE-2021-44228), nicknamed Log4Shell.
The vulnerability is tracked as CVE-2021-44228 and is a remote code execution vulnerability that can give an attacker full control of any impacted system.
We have contacted all of our suppliers and they have confirmed there is no issues with the current Vista products.
|Category||WEB VIEWER||Whether use log4j||Remark|
|VK2 Cameras||X||Not affected|
|VIPER DVR/NVR||WINDOWS||X||Not affected|
|MAC||O||The affected part is core/lookup/JndiLookup.class, but the file does not exist in the version we are using.
1. No core/lookup/JndiLookup.class file
2. In iOS, if we do not use Log4j, the program cannot be created, so we have to include it, but we are not actually using it.
|Viper Central||WINDOWS||X||Not affected|
|VLI Cameras||X||Not affected|
|PVM Monitors||X||Not affected|
|X||There is a statement here: