jasonmckay117's profile

Thu, Dec 16, 2021 4:34 PM

Apache Log4j Vulnerability CVE-2021-44228 and CVE-2021-45046 SimpliSafe Products

Hello,

Could support tell us if any of the SimpliSafe products are vulnerable to the Log4j vulnerability and if any of the devices run Apache please?  Specifically, what is listed from here:

https://logging.apache.org/log4j/2.x/security.html

If so, what are the temporary workaround mitigations and do you have any update when a patch will be released to address these vulnerabilities?

Official Solution

Community Admin

 • 

2.9K Messages

8 m ago

Hi jasonmckay117,

At SimpliSafe, we take all forms of security very seriously. We are aware of this recently disclosed, widespread Apache Log4j vulnerability, and our teams have been working to identify any impact so we can take all necessary actions to protect our systems, and especially our customers.

Right now, we have found no reason to believe SimpliSafe, or our products, are impacted by this vulnerability. Because of the far-reaching impact of this vulnerability on companies and services, we will continue to be vigilant, and update customers and partners should we find any indications of impact.

(edited)