It is rare that a vulnerability lives up to the hype, but CVE-2021-44228 aka Log4shell has exceeded expectations.
This vulnerability allows unauthenticated remote code execution (RCE) and it is triggered when a specific string is processed and then parsed by the vulnerable Log4j logging component.
What we are doing
If we discover this vulnerability on your environment, we will contact your directly.
We have effective methods of discovering this vulnerability and we are running scans vs all customer environments. These scans are additive and running continuously, they run in parallel with your normal scanning and the detection methods are updated hourly.
How we are doing it
edgescan is approaching this with every client as the highest priority. Our scans will continue to run with the following approach.
If a server is found to be vulnerable at this phase you our client is contacted to ensure both prompt notification and mitigation is in place.
We follow this up with fuzzing the discovered endpoints and parameters with the latest bypass vectors.
After the third phase is completed, we continue to discover and confirm full coverage as well as staying on top of both research and feeds for any additional mitigation bypasses.
If the testing team discover a vulnerable instance on a customer’s organisation, we are directly contacting customers. If they hear nothing great, scans are happening and we haven’t discovered a vulnerable instance yet.
Marketing Executive of Edgescan