FDA MedWatch - Cybersecurity Vulnerability with Apache Log4j

Manufacturers should assess whether they are affected by the Apache Log4j cybersecurity vulnerability

If your email program has trouble displaying this email, view as a webpage. MedWatch - The FDA Safety Information and Adverse Event Reporting Program Cybersecurity Vulnerability with Apache Log4j The U.S. Food and Drug Administration (FDA) is raising awareness of a cybersecurity vulnerability in Apache's Log4j software library, versions 2.0-beta9 to 2.14.1. Log4j is broadly used in a variety of consumer and enterprise services, websites, and applications—as well as medical devices and supporting systems—to log security and performance information. These vulnerabilities may introduce risks for certain medical devices where the device could be made unavailable, or an inappropriate user could remotely impact the device functionality. At this time, the FDA is not aware of any confirmed adverse events affecting medical devices related to these vulnerabilities. Questions? If you have questions about this cybersecurity vulnerability, contact Apache (Log4j Security Team) or cybermed@fda.hhs.gov. Read More

Manage Subscriptions  |  Unsubscribe All  |  Help

This email was sent to edwardlorilla1986.paxforex@blogger.com using GovDelivery Communications Cloud on behalf of: U.S. Food and Drug Administration ·  10903 New Hampshire Ave · Silver Spring, MD ·  20993-0002 ·  1-888-INFO-FDA