CVE-2021-44228 - Log4J\Log4Shell Vulnerability

Can someone confirm that Team Viewer is not impacted by CVE-2021-44228 in any fashion?

I cannot find any mention of the vulnerability anywhere on teamviewer.com.


Thanks.

Best Answer

  • Ying_Q
    Ying_Q Posts: 2,720 Moderator
    Answer ✓

    Hi @PSCSec,

    Thank you for bringing up this important security topic to us and we are sorry for the late response.


    Kindly check out the statement on TeamViewer Trust Centre:

    The third-party Java library Log4J2, which is widely used in the software industry, is subject to a critical vulnerability tracked as CVE-2021-44228. For our potentially impacted services including TeamViewer IoT, TeamViewer Engage, and TeamViewer Frontline, we have deployed an immediate server-side hotfix. User action is not required.

    Other TeamViewer products are not impacted. Furthermore, we have diligently investigated our IT infrastructure and taken appropriate steps to mitigate any supply chain risks. TeamViewer will continue to monitor the situation closely.

    Full information can be found via this link - https://www.teamviewer.com/en/trust-center/security-bulletins/hotfix-log4j2-issue/


    I hope the information would help you to understand the situation!

    Best regards,

    Ying_Q

    Community Moderator/中文社区管理员

Answers

  • Ying_Q
    Ying_Q Posts: 2,720 Moderator
    Answer ✓

    Hi @PSCSec,

    Thank you for bringing up this important security topic to us and we are sorry for the late response.


    Kindly check out the statement on TeamViewer Trust Centre:

    The third-party Java library Log4J2, which is widely used in the software industry, is subject to a critical vulnerability tracked as CVE-2021-44228. For our potentially impacted services including TeamViewer IoT, TeamViewer Engage, and TeamViewer Frontline, we have deployed an immediate server-side hotfix. User action is not required.

    Other TeamViewer products are not impacted. Furthermore, we have diligently investigated our IT infrastructure and taken appropriate steps to mitigate any supply chain risks. TeamViewer will continue to monitor the situation closely.

    Full information can be found via this link - https://www.teamviewer.com/en/trust-center/security-bulletins/hotfix-log4j2-issue/


    I hope the information would help you to understand the situation!

    Best regards,

    Ying_Q

    Community Moderator/中文社区管理员