Pilz Hardware And Software Not Affected By “Log4Shell” Vulnerability In Software Library Log4j

DCS PILZ Log4Shell Vulnerability 1 400

December 17, 2021

 

Dear Madam or Sir,

 

On December 10th, 2021, the BSI (the German Federal Office for Information Security) published a cyber security alert on the so-called “Log4Shell” vulnerability in the software library Log4j. Log4j is used in many Java applications.

From the BSI alert:

“An IT security vendor blog [LUN2021] reports on vulnerability CVE-2021-44228 [MIT2021] in log4j versions 2.0 through 2.14.1, which may allow attackers to execute their own program code on the target system and thus compromise the server.”

 

Further information is available at:

 

Pilz’s analysis revealed the following:

  • ••Pilz hardware components do not use Java and thus no log4j. Therefore, these components are not affected.
  • ••Pilz Software products partially use log4j versions 2.0 to 2.14.1 (current vulnerability CVE-2021-44228). Analyses to date have shown that it is highly unlikely that the vulnerability can be exploited. If, contrary to expectations, there is a risk, we will publish a security advisory.
  • ••In some Pilz Software products, log4j version 1.2.x is used. The exploitation of the vulnerability in this version (CVE 2021-4104) requires, among other things, a specific configuration. However, this configuration is not used in Pilz Software products.

 

We hope this information is helpful to you. If you have any further questions, please contact our technical support:support@pilz.com.

With best regards

Pilz GmbH & Co. KG

 

Source

 

Related Articles


Latest Articles

  • Building the Future of Smart Tool Manufacturing – Together

    Why now Is the time to join the AIMS ecosystem August 27, 2025 By Samuel Kirkpatrick, ANCA Senior Product Manager – AIMS The manufacturing industry is undergoing its most transformative shift in over a century. As smart automation, AI-driven production systems, and advanced robotics redefine what’s possible, manufacturers are seeking ways to scale efficiently, adapt… Read More…

  • Comparing maxon EC-i vs ECX Motors: Which One Fits Your Design?

    August 19, 2025 The choice between maxon’s EC-i and ECX motor series depends on whether the application prioritizes torque or speed, rugged durability or quick responsiveness, and high load-handling capability or low-inertia performance. Both maxon product lines use brushless DC motor technology but are engineered with distinct rotor architectures and performance envelopes. This comparison outlines… Read More…


Featured Article

Revolutionizing Material Movement with Autonomous Mobile Robots

Revolutionizing Material Movement with Autonomous Mobile Robots

In today’s fast-paced manufacturing and logistics industries, the need for efficient and flexible material movement solutions has never been greater. Traditional methods like conveyor systems, forklifts, and manual pushcarts have served us well, but they come with limitations.

That’s why Omron is thrilled to announce the launch of their game-changing MD Series of Autonomous Mobile Robots (AMRs). Read more


Products

  • Emergent Vision Technologies Announces All EROS 10GigE Camera Models Now Shipping

    August 27, 2025 Emergent Vision Technologies is announcing that all models of the groundbreaking EROS 10GigE camera series are now officially shipping. Originally launched in December 2024, Emergent Vision Technologies says EROS is the smallest, lowest power10GigE camera in the world. “Thirty-nine new cameras across color, mono, SWIR, polarized, and UV sensors are now available… Read More…

  • Remote Display Unit Type EXCRDU2 from Lovato Electric

    August 26, 2025 LOVATO Electric expands its range of accessories for soft starters and variable speed drives with the new EXCRDU2 remote display unit. It is compatible with LOVATO Electric soft starters ADXL series and ADXNP type, as well as variable speed drives VLB series, equipped with an optional RS485 port. Up to 32 devices can be connected to the same unit, even… Read More…