News

Scan2x Security Advisory ID: S2X‐SA‐2025‐001 Date: May 16, 2025 Executive Summary Critical security vulnerabilities have been identified in a third-party Scan2x bundled dependency (Erlang/OTP). Successful exploitation could allow remote code execution, denial of service, or unauthorised data access. All customers must upgrade to Scan2x v3.0.2.1 immediately. Affected Versions Scan2x v3.0.0 through v3.0.2 Bundled components: Erlang/OTP 27.1 (otp_win64_27.1.exe)

---

Context: In mid-December 2021 a security vulnerability in the Log4J Java library was made public, labelled as CVE-2021-44228. This vulnerability in the Java logging libraries allows unauthorized remote code execution and access to affected unpatched servers. Statement: Neither Scan2x on-premise nor Scan2x Online are affected by this vulnerability. Most Scan2x applications are developed using .NET

---