Contact Info


706 Brewster Avenue Montreal, Qc, H4C 2K1

USA Office:

440 N Wolfe Road Sunnyvale,CA 94085
Follow Us

NoviFlow products and the Log4Shell Exploit – CVE-2021-44228

NB-21006: Log4Shell Exploit – CVE-2021-44228

Created by Darrell Irons, Director Customer Support and Operations, at 2021-12-13 21:59


On Thursday (December 9th), a 0-day exploit in the popular Java logging library log4j (version 2) was discovered that results in Remote Code Execution (RCE) by logging a certain string. Given how ubiquitous this library is, the impact of the exploit (full server control), and how easy it is to exploit, the impact of this vulnerability is quite severe. It is now called “Log4Shell” for short.  It has now been published as CVE-2021-44228.

NoviFlow can confirm that their current deployed products are not exposed to the Log4Shell exploit found in log4j 2 (CVE-2021-44228) reported on Dec 9th, 2021.