It has been announced that a remotely exploitable 0-day vulnerability for the popular Java logging library Log4j has been discovered and that code to exploit this is in the public domain. If exploited, this enables execution of code and potentially full control of the target machine - scanning for vulnerable machines is now being reported.
Details of the CVE can be found here: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44228
Log4j is used widely by many applications for logging and the vulnerability affects versions 2.0 to 2.14.1 of Log4j
SMG is not affected by this vulnerability.
For the latest Broadcom Symantec product information regarding this vulnerability, please see the related Symantec Security Advisory.