12/2021 B. Braun Medical Inc. Statement regarding cybersecurity vulnerability in the Apache Log4j 2 Java logging Library

Innovation Hub

Let's drive innovation in medical technology together. Learn more about our innovation hub and submit your idea.

Vulnerability Summary

On December 9, researchers published proof-of-concept (PoC) exploit code for a critical vulnerability in Apache Log4j 2, a Java logging library used by several applications and services.

B. Braun proactively analyzed the software stack of product lines that could potentially be affected by this vulnerability. None of the B. Braun products listed uses the affected logging library software detailed in the communication.

Product lines include:

Outlook^® Safety Infusion System Pump family

Space^® Infusion Pump family (Infusomat^® Space^® Infusion Pump, Perfusor^® Space^® Infusion Pump, SpaceStation, and Space^® Wireless Battery)

DoseTrac^® Server, DoseLink^™ Server, and Space^® Online Suite Server software

Pinnacle^® Compounder

APEX^® Compounder

B. Braun ensures high security standards throughout the product life cycle by using global accepted standard test and verification methods. It has established processes to monitor the latest vulnerabilities, threats, or risks and will proactively implement measures as required.

Further information can be found at the Department of Homeland Security Cybersecurity & Infrastructure Agency (CISA):