Solutions Log4j Security Impact

With the recent identification of the security issue related to open-source Apache Log4j Utility, Type3 would like to provide details from Gravotech R&D regarding the impacts on the 3DESIGN, TYPE EDIT and Type3CAA solutions and products that our clients are utilizing.

Gravotech Cybersecurity team has been actively investigating any potential impact of this vulnerability. Apache reported that CVE-2021-44228 applies only to Log4j versions 2.0-2.14.1, and does not apply to Log4j versions 1.x”

For the various solutions and platforms:

3Design

In the hours following the announcement, Gravotech Type3 R&D team took immediate measures, as part of their vulnerability and threat intelligence processes, to mitigate potential risks. 3Design is using Log4j API 1.2 version.

It means there is no security impact for 3DESIGN.

Type3CAA, TYPE EDIT, LASER TYPE

These software platforms do not use Log4j API and therefore there is no impact and no security risk from our solutions.