In December 2021, NIST announced a previously unknown zero-day vulnerability (CVE-2021-44228) for the commonly used logging library for Java-based software called Log4j. Convergint primary business applications and integrations do not use the Log4j library and therefore are not impacted by this vulnerability.

Convergint impact 

As a security measure, Convergint’s Cybersecurity and Application Development teams conducted a full impact assessment once the vulnerability was initially documented. The result of this assessment has confirmed that no Convergint-provided service or customer tool has been affected. In addition to this assessment, Convergint has verified all anti-malware software is up to date on all required endpoints and communicated with key partners to understand the impact on products and services they provide for Convergint customers.

Technology partner impact 

Each system Convergint provides is unique to the customer and comprised of many components from various manufacturers and technology partners. To keep informed about potential system vulnerabilities, see statements issued by top technology partners below. Convergint will continue to closely monitor the response of security researchers as the impact of this vulnerability evolves. Further updates will be posted as necessary. 

Convergint’s product partners work diligently to ensure their latest firmware and software updates (patches) provide protection from vulnerabilities like Log4j. Applying the latest firmware and software updates to your security system, in addition to password security on all devices, provides the highest level of protection to keep security systems safe from ransomware and other cyber attacks. 

This vulnerability highlights the reason Convergint recommends password and patch management as the minimum baseline service for all customer systems. 

For immediate response concerning Log4Shell, contact your local service department via iCare.

iCare

Contact us

Convergint offers comprehensive cybersecurity services to mitigate risk and improve cybersecurity posture. Using an innovative, scalable approach that aligns business objectives with customer needs, Convergint deploys custom-fit, robust programs to help protect your systems 24/7/365.

Contact Convergint today for a cyber readiness scan, or to learn about proactive cyber tools from partners like SecuriThings and Blackpoint Cyber to help implement an effective cyber defense for your security systems.

Contact Us