OTT HydroMet Systems Not Affected by the Java Vulnerability Issue
Important Statement: OTT HydroMet environmental monitoring systems are not affected by the current Java log4j vulnerability issue.
Java Situation
Media and government institutions reported Log4j vulnerability in versions 2.0 to 2.14.1 on the platform CVE under the number CVE-2021-44228, which may allow attackers to execute their own program code on the target system and thus compromise the server. Log4j is a popular library for Java applications. It is used for high-performance aggregation of log data of an application.
No Issues with OTT HydroMet Systems, Products, or Software
An analysis of the OTT HydroMet Group’s software and hardware products has shown that the effected version of Log4j is not in use and we therefore do not need to assume any immediate threat from OTT HydroMet systems. ADCON is an OTT HydroMet brand.
As always, we will continue to monitor ongoing developments regarding this matter and respond to any new findings.