TotalCAE Platform Software is NOT vulnerable to the Log4Shell/Log4j exploit (CVE-2021-44228).
The vulnerability, which can allow an attacker to execute arbitrary code by sending crafted log messages, has been identified as CVE-2021-44228 and given the name Log4Shell
We are tracking other popular CAE tool vendor responses below that have public status updates:
Ansys: See https://learningcommunity.ansys.com/index.php/ansys-customer-update
SIEMENS: See https://cert-portal.siemens.com/productcert/txt/ssa-661247.txt
3DS: See https://www.3ds.com/support/news/single/apache-log4j-vulnerability-cve-2021-44228/ and https://kb.dsxclient.3ds.com/mashup-ui/page/resultqa?id=QA00000102301e (login required)
ThermoAnalytics: TAITherm, TAIThermIR, MuSES, and CoTherm. Emailed statement not impacted.
Altair: https://web.altair.com/security-bulletin (login required)
SIDACT (FEMZIP) : https://www.sidact.de/news0/16092021-1-1