SolarWinds and ZyXEL devices running the Log4j library are being hit with attacks, according to reports by Microsoft and Akamai. The issue is tracked as CVE-2021-35247 and has been combined with a zero-day in the SolarWinds Serv-U file-sharing server.

According to Akamai, ZyXEL networking devices have been attacked as well. A researcher spotted a Mirai botnet targeting these vulnerable devices. According to security researcher Larry Cashdollar, “It could be that Zyxel was specifically targeted since they published a blog stating they were impacted by the log4j vulnerability.”

CVE-2021-35247 is an input validation vulnerability in SolarWinds Serv-U that could allow attackers to build a query given some input and send that query over the network without sanitization. Microsoft discovered attackers exploiting Serv-U servers using this vulnerability to carry out attacks against other systems with Log4j vulnerabilities.

SolarWinds customers should apply the updates recommended by SolarWinds to correct this vulnerability: https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35247