Pilz Hardware And Software Not Affected By “Log4Shell” Vulnerability In Software Library Log4j

DCS PILZ Log4Shell Vulnerability 1 400

December 17, 2021

 

Dear Madam or Sir,

 

On December 10th, 2021, the BSI (the German Federal Office for Information Security) published a cyber security alert on the so-called “Log4Shell” vulnerability in the software library Log4j. Log4j is used in many Java applications.

From the BSI alert:

“An IT security vendor blog [LUN2021] reports on vulnerability CVE-2021-44228 [MIT2021] in log4j versions 2.0 through 2.14.1, which may allow attackers to execute their own program code on the target system and thus compromise the server.”

 

Further information is available at:

 

Pilz’s analysis revealed the following:

  • ••Pilz hardware components do not use Java and thus no log4j. Therefore, these components are not affected.
  • ••Pilz Software products partially use log4j versions 2.0 to 2.14.1 (current vulnerability CVE-2021-44228). Analyses to date have shown that it is highly unlikely that the vulnerability can be exploited. If, contrary to expectations, there is a risk, we will publish a security advisory.
  • ••In some Pilz Software products, log4j version 1.2.x is used. The exploitation of the vulnerability in this version (CVE 2021-4104) requires, among other things, a specific configuration. However, this configuration is not used in Pilz Software products.

 

We hope this information is helpful to you. If you have any further questions, please contact our technical support:support@pilz.com.

With best regards

Pilz GmbH & Co. KG

 

Source

 

Related Articles


Latest Articles

  • SIBERprotectTM Protects Industrial OT Systems with Innovative Cyber Response Solution

    May 15, 2024 A cyber-attack can happen within a millisecond. Defend your operation just as fast with SIBERprotectTM: an automated, intelligent solution for your industrial OT operation. By Krystie Johnston Siemens recently introduced SIBERprotectTM, an automated, intelligent solution that defends critical infrastructure and OT systems in industrial settings from cyberattacks. This advanced, automatic, response to… Read More…

  • Press Retrofit is Textbook: New for Old – and Even More Productive!

    May 15, 2024 Grass GmbH, a global manufacturer of movement systems – including telescopic slides – required a safety upgrade of a complete press line for steel forming at their Salzburg plant. Where normative safety requirements are concerned, presses have a special status: so they were looking for a partner that was able to convert… Read More…


Featured Article

Revolutionizing Material Movement with Autonomous Mobile Robots

Revolutionizing Material Movement with Autonomous Mobile Robots

In today’s fast-paced manufacturing and logistics industries, the need for efficient and flexible material movement solutions has never been greater. Traditional methods like conveyor systems, forklifts, and manual pushcarts have served us well, but they come with limitations.

That’s why Omron is thrilled to announce the launch of their game-changing MD Series of Autonomous Mobile Robots (AMRs). Read more


Products

  • iTEMP TMT36 Temperature Head Transmitter with IO-Link

    May 22, 2024 iTEMP TMT36’s reliable, long-term stable, single-channel IO-Link temperature transmitter for modular thermometers with form B connection head Endress+Hauser’s iTEMP TMT36 IO-Link temperature transmitter is designed for customers in the food & beverage and life science industry focusing on factory automation who want to benefit from cost-efficient devices that can communicate digitally, e.g…. Read More…

  • Siemens SIMATIC S7-1200 G2, Part of the Siemens Xcelerator Portfolio

    North American Debut at AUTOMATE 2024 – Siemens Announces New Generation of Controller with SIMATIC S7-1200 G2, Part of the Siemens Xcelerator Portfolio May 22, 2024 Key benefits include efficient motion control capabilities, flexible machine safety, increased performance and seamless scalability For the first time in ten years, Siemens is announced a new generation of… Read More…