A zero-day arbitrary code execution vulnerability CVE-2021-44228 (also known as Log4Shell) was discovered December 9, 2021 and affects the Apache Log4j library versions from 2.0 to 2.14.1. Log4j is a logging tool used in many Java-based applications. Successful exploitation of the Log4Shell vulnerability allows for arbitrary code execution in the targeted application, granting the attacker full access and control of the affected application. This could extend to the device the application is running on as well as networks beyond individual compromised devices.

ExtendSim is not a Java-based application and does not rely on software written in Java. Furthermore, we have analyzed the ExtendSim products and services and have not identified any instances of Log4j.