To:  DW® Customers

Date:  December 15, 2021

Re:  Log4j Software Vulnerability Statement

Log4j Software Vulnerability Statement

Dear Digital Watchdog Partner,

This technical bulletin is being provided to address the growing concerns with the recent “Log4Shell” software vulnerability. We are here to reassure you that Digital Watchdog’s products remain unaffected by this news and are not vulnerable to the Log4J zero-day exploit.

This past Friday (12/10/2021) the Apache Software Foundation discovered and disclosed a severe vulnerability that exists in “Log4J”, a widely used JAVA-based logging library that was developed by the Apache Software Foundation. It was found that the vulnerability allowed code injection on targeted systems.

• For more information:  CVE-2021-44228

Please be assured that the DW Spectrum IPVMS software, DW Blackjack Series, VMAX Series, and the MEGApix IP Camera Series devices do not use the JAVA programming language that the Log4J vulnerability is derived from. Instead, Digital Watchdog systems use JavaScript (.JS format), a completely different scripting language from the JAVA programming language.

Digital Watchdog customers do not need to take any action or alterations with their DW systems or products. It is recommended to keep the firmware and software versions of DW products up-to-date to ensure that current cybersecurity standards and function updates are implemented on your surveillance system(s).

For More Information or Technical Support

DW Technical Support:

Toll-free:  866.446.3595

digital-watchdog.com/contact-tech-support/

__________________________________________________________________________________

866.446.3595              [email protected]        www.digital-watchdog.com

Rev: 12/21                              Copyright © DW. All rights reserved. Specifications and pricing subject to change without notice.