A critical vulnerability ("Log4Shell") has been discovered in the Java library Log4j, which allows the execution of arbitrary code.
None of the software releases shipped by ORSOFT directly or indirectly use the affected Log4j li-brary. ORSOFT's software products are not vulnerable to the Log4Shell attack.
Additionally, ORSOFT has scanned all internal and external web services for the Log4Shell vulnera-bility using specialized scanners and has not identified any anomalies or attack vectors.
The services of external providers used in ORSOFT's business processes are either not affected or have already been patched.