Technical Tip:CVE-2021-44228 (log4j2) and FortiEDR

CVE-2021-44228  vulnerability is a 0-day exploit that was discovered on a popular Java library Log4j2 and can result in a Remote Code Execution (RCE).

This vulnerability is not exploitable in FortiEDR servers and hence does not affect FortiEDR Customers.

Due to that there is no planned FortiEDR release or patch to mitigate the issue.

For more details regarding mitigating the vulnerability by utilizing Fortinet products, please refer to https://www.fortiguard.com/threat-signal-report/4335/apache-log4j-remote-code-execution-vulnerability-cve-2021-44228.blog