Security flood light getting flagged for intrusion attemtps with l4j

user44521 · May 7, 2023, 4:48pm

Potential Risk
This may indicate a user who is attempting to escalate their network or application privileges.
Detection Category
emerging-exploits
SignatureET EXPLOIT Possible Apache log4j RCE Attempt - 2021/12/12 Obfuscation Observed M2 (CVE-2021-44228)

Date / TimeMay 06, 2023 at 8:55:21
Device
Counterpart 34.213.198.154
Counterpart Location
Boardman, United States

nslookup shows that as aws ec2
$ nslookup 34.213.198.154
154.198.213.34.in-addr.arpa name = ec2-34-213-198-154.us-west-2.compute.amazonaws.com.

Why is my flood light camera trying to escalate privileges and how do I see that from inside the camera itself?

Tom_Ring · May 9, 2023, 5:48pm

Hi @user44521. For this concern, I suggest reaching out to our support team directly. They’ll be able to run some diagnostics on your device and determine what is happening. Please give our support team a call at one of the numbers available here. If you are outside of the US, please visit here to see how to contact support.