TotalCAE Platform Software is NOT vulnerable to the Log4Shell/Log4j exploit (CVE-2021-44228).
The vulnerability, which can allow an attacker to execute arbitrary code by sending crafted log messages, has been identified as CVE-2021-44228 and given the name Log4Shell
We are tracking other popular CAE tool vendor responses below that have public status updates:
Ansys: See https://download.ansys.com/others/software_security_alerts and https://download.ansys.com/others/software_security_apache_log4j
SIEMENS: See https://cert-portal.siemens.com/productcert/txt/ssa-661247.txt
3DS: See https://www.3ds.com/support/news/single/apache-log4j-vulnerability-cve-2021-44228/ and https://kb.dsxclient.3ds.com/mashup-ui/page/resultqa?id=QA00000102301e (login required)
ThermoAnalytics: TAITherm, TAIThermIR, MuSES, and CoTherm. Emailed statement not impacted.
Altair: https://web.altair.com/security-bulletin (login required)
COMSOL: https://www.comsol.com/support/knowledgebase/1292
SIDACT (FEMZIP) : https://www.sidact.de/news0/16092021-1-1
Intel: https://www.intel.com/content/www/us/en/developer/articles/release-notes/intel-oneapi-hpc-toolkit-release-notes.html