Java security vulnerability "Log4Shell”
DIVIS video systems not affected by JAVA security vulnerability
Bordesholm, 15 December 2021
As you probably already know, there are warnings in the media about a security gap in JAVA software.
In the meantime, we have received several enquiries from worried customers about this. With this special announcement, we are providing clarity and want to ease your concerns.
Software
The DIVIS software is NOT affected by the current security vulnerability.
The security gap described concerns a widely used JAVA library. However, neither the application software nor the recorder firmware is using JAVA.
In some cases, third-party software is in use on the recorders. We have checked this and, as far as we know, it is not affected by the vulnerability CVE-2021-44228.
Hardware
We are also not aware of any issues with third-party hardware (e.g. switches, cameras, location servers, and components) so far.
However, we have contacted the manufacturers to obtain further information. Should the information from the manufacturers reveal the suspicion of a vulnerability, we will inform you in detail about the measures taken as soon as possible.
The security of our products and your safety are essential to us. Security is a vital aspect of a modern video system for consignment tracking in logistics.
Therefore, we continuously do everything necessary to ensure that our systems not only run effectively but also securely.
