On Dec 10 2021, news of an exploitation affecting Apache Log4j was announced. This vulnerability is a remote code execution vulnerability allowing complete system takeover on systems with Log4j (CVE-2021-44228).
TEAM IM has conducted a detailed assessment of the M-Connect and Field Services platforms (including inspecting M-Connect code, 3rd party libraries and software, and platform infrastructure) and based on our assessment, the integrity of our M-Connect platform has not been affected by this vulnerability.
Frevvo has responded with the following statements:-
Our Managed Service and Support teams are working directly with customers to assess and remediate customer specific solutions as required.
TEAM IM will continue to actively monitor our platforms and solutions as well as track the status of the response to the vulnerability from our vendors.
TEAM IM Support