FRANKFURT Reuters -- Germany's federal cybersecurity watchdog, the BSI, issued a red alert on Saturday, its highest, on a flawed piece of software, saying it posed an extremely critical threat to web servers.
A vulnerability in a Java-based library known as Log 4 j can be exploited to allow a complete takeover of the affected system, the BSI said in a statement on its website.
The wide distribution of the affected product and the associated impact on countless other products is the reason for this assessment. The BSI said that the vulnerability is easily exploitable, and a proof-of concept is publicly available.
The BSI is aware of world and German mass scans as well as attempted compromises. Initial successful compromises are also reported to the public, it added.