In response to your concerns regarding the remote code execution vulnerability (CVE-2021-44228) related to Apache Log4j, in our investigation so far, we can confirm that Splashtop is NOT vulnerable to this exploit, given the fact that the three main components of Splashtop servers do not use it to write logs.
As Splashtop and the industry at large continue to gain a deeper understanding of the impact of this threat, we will update the user with further information as they become available.
Please feel free to reach out to us if you have any more questions. Thank you for your patience and continued support.
Is Splashtop affected by Apache Log4j(CVE-2021-44228)?
Karishma