Bosch.IO is aware of the recently disclosed vulnerability related to the open-source Apache utility “Log4j2″ (CVE-2021-44228).
For Bosch IoT Suite, we have been actively analyzing its impact. Our assessment has shown that certain parts of Bosch IoT Suite are affected, as they use Log4j2. We have taken appropriate steps to mitigate the vulnerability. So far, we are not aware of any misuse of data or suspicious actions.
If you observe any irregularities with your data, please let the Bosch IoT Suite team know proactively via our support channels.
Once we have an update, we will certainly be in touch.