Over the weekend, the German Federal Office for Information Security (BSI) reported a security vulnerability in the log4j software library, which is used for numerous Java applications. The criticality of this vulnerability was rated as very high. We have analyzed the issue for the ZMI programs (especially ZMI – WebClient) and came to the conclusion that they do not use logging based on “log4j”. With regard to third-party applications, we are in close consultation with the respective manufacturers and will – if necessary – provide further information at this point.