Widely used in both enterprise apps and cloud services, Log4j is a popular (Java logging library) developed by Apache foundation. Proof of concept exploits are being shared online with mass scanning activities detected exposing home users and enterprises alike leading to remote code execution attacks.
Apache could allow a remote attacker to execute arbitrary code on the system, caused by a flaw in the Java logging library. By sending a specially-crafted string value, an attacker could exploit this vulnerability to execute arbitrary code on the system.
Upgrade your log4j versions to log4j-2.15.0-rc1.
Further information can be found at LunaSec: https://www.lunasec.io/docs/blog/log4j-zero-day/