Check here for the latest information on the Log4j security vulnerability by PTC product (Apache Log4j CVE-2021-44228)
All product remediation actions provided by PTC apply to current and actively supported software versions. However, the remediation steps for these versions are similar or identical to earlier versions that leverage Log4j v1 or v2 and are no longer actively supported by PTC.
PTC strongly encourages customers on non-supported versions to take similar actions to protect their infrastructure and should not assume that previous versions of the software are not impacted by the vulnerabilities. Notably, PTC provides numerous security and performance-related improvements as we release new versions of our software. PTC strongly advocates for customers to leverage supported versions at their earliest opportunity to take advantage of these improvements and have the strongest possible security posture.
PTC believes that addressing cybersecurity threats is a shared responsibility across software providers, customers and active users of the software, partners and software integrators, governments and regulators, and more. PTC remains committed to fulfilling its role as a software provider in this shared responsibility model and strongly encourages other groups – including customers and active users – to fulfill theirs.