In the one month since news broke of a critical remote code execution vulnerability in the Log4j logging framework, there have been no major intrusions tied to the flaw in the US, officials from the Cybersecurity and Infrastructure Security Agency (CISA) said Monday.
However, they warned about the possibility of attackers exploiting the flaw later because of its prevalence — hundreds of millions of devices and components have the vulnerability — and the ease with which it can be exploited.
“We do expect Log4j to be used in intrusions well into the future,” said CISA director Jen Easterly in a virtual press conference. “We are concerned that threat actors are going to take advantage of this vulnerability,” especially against critical infrastructure targets.