Apache Log4j2 Security Vulnerability of Sharp Products and Services

Recently, a security vulnerability in an open-source library called Log4J2 was made public on December 9, 2021. The Log4J2 library is a logging framework widely deployed within many Java-based applications. If the vulnerability is exploited, malicious intruders can pass and execute malware into the framework that could potentially allow them to access sensitive date and take control of targeted systems (see National Vulnerability Database: CVE-2021-44228).

Sharp has been working to assess the risk of the Log4J2 security vulnerability and how it affects Sharp document systems, professional and commercial display products and related applications, and services.

As of this date, the investigation has determined the following. Sharp products and services not listed below are under ongoing investigation.

Sharp Document Systems

Product

Log4J2 Vulnerability Impact

Sharp (A3 and A4) MFPs and Printer Firmware

None

Fiery Print Controller

None (EFI Announcement)

Print Drivers and Tools

None

Cloud / Email Connectors

None

Sharp OSA-SDK

None

Sharpdesk Mobile / Print Service Plug-in

None

Sharpdesk Network Scanner Tool

None

Synappx Go

None

Synappx Meeting

None

MICAS

None

AIP Core

None

Kayleigh Job Accounting

None

Application Portal

None

Sharp Remote Device Manager (SRDM)

SRDM versions below 2.13.0.15640 are Impacted. Older versions should be updated to this latest version. SRDM version 2.13.0.15640 can be downloaded from https://business.sharpusa.com/Software/SRDM

Sharp Professional and Commercial Displays

Product

Log4J2 Vulnerability Impact

SHARP Professional & Commercial Displays, AQUOS BOARD® Interactive Display Systems, and Windows Collaboration Display

None

SHARP Wireless Board (PN-ZB03W)

None

SHARP Pen Software

None

SHARP Information Display Downloader

None

SHARP Display Connect

None

SHARP Touch Viewer

None

SHARP Content Distributor

None

SHARP Digital Signage Software (SDSS)

None

DirectDrawing

None

Touch Pen Utility

None

Touch Panel Settings Tool

None

Touch Pen Management Tool

None

Display Management Tool

None

Display Installation Tool

None

 

Additional updates on impacted Sharp products and services and related countermeasures will be provided  on this page as they become available.

The best way to protect against security threats is to be proactive. As a leader in document systems security, Sharp takes security very seriously by helping its clients stay ahead of malicious intruders and protect their data with robust security features included in its printers and copiers, including firmware attack prevention and recovery, confidential printing, user authentication and an end-of-lease data erase feature. Additionally, Sharp’s intelligent network interface provides security control features designed to prevent threats and document improper device access.

Sharp provides an MFP security checklist to help businesses ensure they are taking all the necessary steps. Download the checklist here or visit SharpUSA.com/Security for more information.

 

Leave a Comment