Log4J Updates for Mastercam Users

We’re aware of the Log4J (JAVA) vulnerability (CVE-2021-44228) discovered on December 10 and have been investigating this vulnerability across our Mastercam family of products and our environment. Here’s what you need to know.

What is Log4J?

The Log4j vulnerability impacts a piece of open-source logging software that allows developers to understand how their programs function. The intended purpose is to help companies understand potential bugs or performance issues in their own software.

Unfortunately, Log4j can be exploited to allow attackers to take over the computers and networks of any organization running the program.

How does this affect Mastercam users?

At this time, we have not identified any issues with the Mastercam family of products. Out of an abundance of caution, we’ve temporarily disabled software updates while we investigate all avenues. Full details on this Java vulnerability can be found in the public advisory (CVE-2021-44228).

Where can I learn more?

We will continue our investigation into this vulnerability and will provide updates as necessary. You can find the latest information in our Knowledgebase here. To access our Knowledgebase, you’ll need to be signed in to your my.mastercam.com account. Don’t have an account? You can view the information here.