Understanding Log4Shell: Guide to Log4j Vulnerability CVE-2021-44228


The Log4Shell vulnerability in Log4j, CVE-2021-44228, is the exploit that everyone is talking about, and it allows remote code execution on any vulnerable machine. Log4j is a common open-source logging library used in all kinds of software and services, such as iCloud, Steam or Minecraft.

Security teams at companies around the world have begun to patch the vulnerability made public last Thursday, which allows remote code execution on vulnerable machines in a simple way. The exploit has been dubbed Log4Shell and affects Log4j, an open-source logging library present in millions of applications on the Internet.

To trigger the exploit, the cybercriminal has to get the vulnerable software to write a special string of characters to its log. From then on, the doors are open for hackers.

Marcus Hutchins, a security expert, has pointed out that “this log4j vulnerability (CVE-2021-44228) is extremely dangerous. Millions of applications use Log4j for registration, and all the attacker needs to do is for the application to register a special string (of characters). So far, iCloud, Steam, and Minecraft have been confirmed to be vulnerable.”
Hutchins delves into the case of the popular video game Minecraft, in which attackers were able to remotely execute code on its servers by posting the string required by the exploit in the game’s chat so that Log4j would record it. Other security reports also name the servers of companies such as Amazon, Twitter and Cloudflare.

There are many proofs of concept available to test if you are vulnerable: Proof of concept
Mitre CVE official page
