On Thursday, December 9, 2021, Smartsign was made aware of a vulnerability in the widely used Log4j logging framework, CVE-2021-44228. We initiated our incident response process to determine our usage of this framework and its impact on our own and customer systems.
To date, our analysis has not identified any compromise of Smartsign systems or customer data. The affected framework is not in use in any of Smartsign's products. Smartsign customers are not vulnerable, and no action is required.