Autodesk is aware of the recently discovered Apache Log4j security vulnerabilities. They have protection and defense strategies in place to identify and remediate any impacted Autodesk products, services or systems as the need arises. At this time, Autodesk has not identified any compromises in the Autodesk environment due to these vulnerabilities. Currently, there are no actions for Autodesk customers to take.

Please refer to the Autodesk products and services list in the link below for the remediation status. As their investigation continues and additional Apache patches are released, they will evaluate and adjust our guidance, as needed. This security advisory will be updated as new information or recommendations for Autodesk customers become available.

 

Link for more information regarding this.