Skip Ribbon Commands
Skip to main content
Sign In
{{'GLOBAL_MESSAGE_HEADLINE' | translate}}
{{'GLOBAL_MESSAGE_CHOOSE_LANG' | translate}}
en
日本語
中文
{{'GLOBAL_MESSAGE_OR' | translate}}
{{'GLOBAL_MESSAGE_SET_COUNTRY' | translate}}
{{'ELOQUA_BANNER_DECLINE_CONFIRM' | translate}}
{{'ELOQUA_BANNER_DECLINE_CONFIRM_CLOSE' | translate}}
{{'ELOQUA_BANNER_ACCEPT' | translate}}
{{'ELOQUA_BANNER_DECLINE' | translate}}
Read the latest
Product Security Updates

Product Security Bulletin for Apache Log4J Issue

13 APRIL 2022


Background

Terumo Blood and Cell Technologies is aware of and is currently monitoring the Apache Log4j global software component vulnerability (CVE-2021-44228).

As a result, product technical teams are performing technical assessments to determine if the Apache Log4j vulnerability presents a measurable cybersecurity risk.


Response

Terumo Blood and Cell Technologies is currently working with each product team and assessing if and how the Apache Log4j vulnerability could be used to exploit our products. While some technical assessments have been completed, others are still ongoing.


Terumo Blood and Cell Technologies products that are confirmed to be unaffected by Apache Log4j –

The product list below is available to customers to help identify existing Terumo Blood and Cell Technologies products that have been confirmed to be unaffected by the Apache Log4j vulnerability. The list provided below is not comprehensive and may be updated as more products are assessed. It does not indicate the patch or device status.

  • Reveos® Automated Blood Processing System
  • FINIA® Fill and Finish System
  • Cell Processing Application
  • Trima Accel® Procedure Summary
  • Vista® Information System
    • Oracle 10g for use with Vista Information System v3.2
    • Oracle 19c for use with Vista Information System v4.2.1
  • Trima Accel® Automated Blood Collection System
  • Quantum® Cell Expansion System
  • Cadence® Data Collection System
  • Spectra Optia® Apheresis System
  • Mirasol® Pathogen Reduction Technology
  • InfoVu
  • Trima KPI Dashboard
  • TOMEs - Terumo Operational Medical Equipment Software
  • Trucise® Data Management System


Terumo Blood and Cell Technologies products that are confirmed to be susceptible to the Apache Log4j vulnerability –

The product list below is available to customers to help identify existing Terumo Blood and Cell Technologies products that have been confirmed to be susceptible to the Apache Log4j vulnerability. The list provided below is not comprehensive and may be updated as more products are assessed. It does not indicate the patch or device status.

  • Vista® Information System
    • Oracle 12.2 for use with Vista Information System v4.0 SP2
    • Oracle 12.2 for use with Vista Information System v4.2
For mitigation instructions and for questions related to the safety and efficacy related to mitigation measures, customers are advised to contact their customer service representative.

Customers that maintain patches independent of Terumo Blood and Cell Technologies delivery should ensure these actions are performed as the acting responsible entity to maintain the correct security posture of the system(s).

​​​​​​​​​​​

{{'SEARCH_MODAL_TITLE' | translate }}
{{'SEARCH_MODAL_OR' | translate }}

{{'SEARCH_MODAL_BROWSE' | translate }} {{'SEARCH_MODAL_ENLABEL' | translate }}
{{'SEARCH_MODAL_CHOOSE_LANGUAGE' | translate }} {{'SEARCH_MODAL_CHANGE_LANGUAGE' | translate }}
{{$index+1}}. {{s.label}}