Accruent released the following statement about Meridian Server:

Recently, various security organisations reported the existence of a critical security bug in a 3rd party software component called Log4J, which is utilised within the Meridian stack. Upon being made aware of this issue, we completed an initial assessment and activated our Incident Response Plan. We have now created and released a patch for Meridian Server 2019+, which you can request by contacting support. We are in the final stages of testing a patch for Meridian Cloud, which is targeted for release by Friday 17 December. Meridian Server 2018 and earlier are not affected.

We continue to monitor our vendors for patches to affected third party applications, and we will provide additional updates as necessary.

Q&A:

Are Accruent products affected by the Log4J Vulnerability?
Yes, several Accruent products use Log4J.
Is your organization aware of active malware/exploits related to this vulnerability?
We are aware of active exploits targeting this vulnerability. At this time, we have no reason to believe Accruent or our suite of products have been impacted by these exploits.
Has your organization identified any malicious behavior or activity of concern related to our data and/or services?
We are monitoring our systems affected by Log4J closely. At this time, we have seen no indicators of any compromise to any customer or company data.
Has your organization taken the mitigation steps and updated your systems to non-vulnerable versions?
We are currently in-process of performing those updates to our affected products. The target date for full mitigation is 17 December 2021.

"Quartos"

@SanderGit can you open a PR once you feel that adds value to the list? Thanks!