Impact of the Log4Shell vulnerability on our products

The German Federal Office for Information Security (BSI) warns of a critical vulnerability Log4Shell (CVE-2021-44228) in the widely used Java library Log4j - and has upgraded its existing cyber security warning to warning level red since 12/11/2021. In this context, additional vulnerabilities were published on 12/10/2021 (CVE-2021-45046) and 12/18/2021 (CVE-2021-45105).

TA Triumph-Adler takes these security vulnerabilities very seriously and is carefully checking the extent to which our own offerings or partner products distributed by us are affected.

Affected products: Information sources & contact options (as of 01/18/2022)

enaio®, yuuvis® RAD and yuuvis® Momentum | enaio®, yuuvis® RAD and yuuvis® Momentum | Release Warning on the critical Zero Day Exploit in Log4j (optimal-systems.com)
Kofax Autostore | Kofax products and Apache Log4j2 vulnerability information
TASIM server. 1.1.2001 | Affected by CVE-2021-44228. A countermeasure version has been released. Please contact our support team at support@triumph-adler.net.
Licence server for TASIM and TA Capture Manager | Affected by CVE-2021-44228. Update applied on 12/17/2021.

The following products are NOT affected by the vulnerabilities (as of 01/18/2022)

All TA and UTAX MFP and printer as well as drivers and utilities
TA Cockpit®/ UTAX smart
TA Fax-Server powered by IPTAM
TA/UTAX Zeitblick
aQrate / MyQ
AFI applications
Cadosys Produkte
Fiery
Forms4Work, Mercury
KYOeasyprint
PlanetPress Suite
Scan2 OCR powered by ABBYY, ABBYY FineReader, ABBYY FineReader Server
ScannerVision
SteadyPrint
TAKWA Form Server Version 1.2.14

We are currently evaluating further solutions and will successively publish more information here. In case of doubt, please feel free to contact our service support at support@triumph-adler.net.