At Phlexglobal, as we are made aware of new potential security vulnerabilities we rapidly assess the risk and take appropriate action in line with our SOPs regarding vulnerability management.
On December 9th 2021 a vulnerability in a Java based package log4j was made public and has since had widespread news coverage. This vulnerability allows an attacker to execute code on a remote server. Because of the widespread use of Java and Log4j, this is considered a serious and potentially impactful vulnerability. As such, Phlexglobal has rated this as a High risk and taken immediate action.
Phlexglobal’s core products, PhlexTMF and PhlexRIM are both protected by Cloudflare WAF, which provided an immediate response to the issue to protect customers. More details on this can be found at https://blog.cloudflare.com/how-cloudflare-security-responded-to-log4j2-vulnerability/
In addition, Phlexglobal has run a full perimeter scan using AppCheck security scanning platform. AppCheck provided targeted templates to scan for this vulnerability, more details can be found at https://appcheck-ng.com/apache-log4j-vulnerability-cve-2021-44228/. This scan did not find any vulnerabilities across the Phlexglobal network.
We are currently reviewing all our critical suppliers and assessing their responses to this situation and ensuring that these meet the standards that we demand. We are cross referencing against a public list of open vulnerabilities that we are following which can be found at https://github.com/NCSC-NL/log4shell/tree/main/software. We also continue to rely on our internal tooling, including Darktrace and Azure Sentinel, to identify any suspicious network behaviour.