Log4j Vulnerability Update – December 15, 2021

Transoft Solutions and its subsidiaries have undertaken an audit in relation to the Log4J vulnerability (CVE-2021-44228) and can confirm that none of our systems, infrastructure, software products and dependencies are affected. We are currently in the process of reaching out to our vendors to verify the same and continue to monitor the situation, we will update stakeholders if the situation changes.


Please note, our AirTOP products are shipped with log4j-1.2.15.jar. We have verified that this version precedes the vulnerability (present in versions 2.0 to 2.14) and there is no risk. In the next appropriate update, we will be replacing it with the newest patched version.  No other Transoft Solutions products are shipped with any log4j libraries.