Details on this and also regularly updated information can be found on the BSI website at https://www.bsi.bund.de/SharedDocs/Cybersicherheitswarnungen/DE/2021/2021-549032-10F2.html.
Since the vulnerable library is a JAVA component, only software developed with JAVA is affected. Therefore, (as of today) the ProLeiT software products Plant iT & brewmaxx are not affected by this security gap.
Beyond the system software developed by ProLeiT there are of course a lot of other products from other vendors which can be affected and vulnerable. We therefore ask all of our customers and partners to either update their networks and affected software applications or to secure them with appropriate settings.
Please also read the recommendations for action from the Product Security Office (PSO) of Schneider Electric at https://download.schneider-electric.com/files?p_Doc_Ref=SESB-2021-347-01.
Cyber Security Leader