The Leading News & Information Service For The Facilities, Workplace & Built Environment Community

Critical Log4j Vulnerabilities Affect Real Estate Software

Critical Log4j Vulnerabilities Affect Real Estate Software
17 December 2021

Critical vulnerabilities in open-source software pose potential risks for a wide range of businesses, governments and individuals.

Log4shell, the vulnerability within the widely-used logging tool Log4j, means that anyone who uses Log4j to catalogue activity in their software applications or online services is at risk.

In the case of real estate software and PropTech, this could mean sensitive data such as floorplans, occupancy or budget information open to nefarious sources.

Apple, Minecraft, IBM, Cisco, Google and Amazon all use Log4j, and the issue was initially disclosed on December 9, 2021.


The “Most Severe Computer Vulnerability in Years


The National Cyber Security Centre is calling Log4shell “potentially the most severe computer vulnerability in years.” They also state that, If left unfixed, attackers can break into systems, steal passwords and logins, extract data, and infect networks with malicious software.

Esri UK, who provides indoor mapping software for facilities managers, has informed their customers that they are actively investigating the impact of the Log4j 2 library critical vulnerabilities, as some Esri products contain this common logging tool.

Esri’s GIS mapping tool is used by organisations such as Oxford University, Westminster City Council and The British Red Cross.

Oracle, AWS and Cloudflare have all issued advice to their customers.


What’s The Guidance For Dealing With the Log4j Bug?


The NCSC has issued the following guidance for board members of large businesses:

The Cybersecurity and Infrastructure Security Agency is also keeping developers informed on the issue:

Picture: a photograph showing a laptop's keyboard.

Article written by Ella Tansley | Published 17 December 2021


Related Articles

Facilio Launches Connected CMMS

Facilio has announced the launch of Connected CMMS, reportedly the only software platform to consolidate all property maintenance, client engagement, vendor management,...

 Read Full Article
British Land to use SAAS Solution Throughout Retail Portfolio

PlanRadar has announced a new partnership with British Land, one of the UK’s largest property development and investment companies. From May 2021,...

 Read Full Article
Is Cybersecurity a Home Working Health and Safety Issue?

Bureau Veritas is urging businesses who are remote working to prioritise cybersecurity as a health and safety risk. As Britain looks set to embrace a long-term shift...

 Read Full Article
24% of Planners Say Smart Cities Will be a Security Challenge 

Urban design professionals believe that the use of smart technology in public spaces could pose a security threat. Smart city technology can bring a great many...

 Read Full Article
Amey IT Security Attack Still Unresolved

A “complex IT security incident” of Amey’s systems in December 2020 remains unresolved, meaning parts of their system are still offline. As stated on...

 Read Full Article
2021 New Year's Resolutions for Employers

As we prepare to wave goodbye to a difficult 2020, what positive changes as employers can we bring to the new year?   Join the Race at Work...

 Read Full Article
Cybersecurity – Are Smart Buildings and its Data Vulnerable to Malware Attacks?

As more and more of a building’s functions are automated and controlled via smart technology systems, has cybersecurity been an afterthought? In Boris...

 Read Full Article
Health Passports – The Future of Leisure and Travel?

As a British tech firm launches its secure five in one digital health passport, might this become the solution for reviving global economies? According to a...

 Read Full Article
New Software to Improve Cleaning Efficiency Launches

Clenetix has launched its software-as-a-service solution for the cleaning industry, helping cleaners to manage all daily operations through an app. The...

 Read Full Article
Templa Acquired by Innovise to Strengthen Offering to Cleaning Markets

The software company Templa has been acquired by Innovise, the UK subsidiary of TEAM Software.  The acquisition brings together the two UK software market...

 Read Full Article