A critical vulnerability in Apache Log4j2 impacting versions from 2.0-beta9 to 2.14.1 has been publicly disclosed. The vulnerability has been assigned the identifier CVE-2021-44228.

You’ll find below the available information about the potential impact of this vulnerability on our products. 

Avizo, Amira, Pergeos desktop products family

None of the general release products include the affected versions of Log4j2 and thus do not contain the CVE-2021-44228 logging vulnerability.

This includes Amira-Avizo 3D, Avizo For Industrial Inspection, PerGeos, Amira-Avizo2D, AvizoToGo for all editions.

Open Inventor products family

Log4j2 is not used in Open Inventor products, there is thus no vulnerability regarding CVE-2021-44228.

For any other information and more details please contact FRBOR.3d_hotline@thermofisher.com.