Support > KnowledgeBase > KB90085
KB90085
Published: December 16, 2021
Revision: 3.0

Log4j vulnerability in groov View may allow remote code execution

Applies To:

groov View running on the following:

  • GRV-EPIC-PR1, GRV-EPIC-PR2
  • GROOV-AR1, GROOV-AR1-BASE, GROOV-AR1-SNAP
  • GROOV-AT1, GROOV-AT1-SNAP
  • GROOV-SVR-WIN, GROOV-SVR-WIN-BASE, GROOV-SVR-WIN-SNAP

Versions Affected:

GRV-EPIC-PR1, GRV-EPIC-PR2: All versions prior to 3.3.2
All other products: All versions prior to 4.3g

Resolved In Version:

GRV-EPIC-PR1, GRV-EPIC-PR2: 3.3.2
All other products: 4.3g

Symptoms:

A vulnerability in Log4j, which is included in groov View, could be exploited by an attacker to remotely execute code on the target system running groov View. This vulnerability is identified in the National Vulnerability Database as: CVE-2021-44228.

Resolution:

Opto 22 has resolved this issue. Apply the updates to the above listed products immediately, regardless of whether you're using groov View or not.

Questions?

Contact: Opto 22 Product Support.
Phone: 800-835-6786 or 951-695-3080
Email: support@opto22.com

DISCLAIMER

This Opto 22 Knowledge Base ('OptoKB') article is intended to provide general technical information on a particular subject or subjects and is not an exhaustive treatment of such subjects. Accordingly, the information in this OptoKB article is not intended to constitute application, design, software, or other professional engineering advice or services. Opto 22 may modify the OptoKB articles at any time. Before making any decision or taking any action which might affect your equipment, you should consult a qualified professional.

OPTO 22 DOES NOT WARRANT THE COMPLETENESS, TIMELINESS, OR ACCURACY OF THE DATA CONTAINED IN THIS OPTOKB ARTICLE AND MAY MAKE CHANGES THERETO AT ANY TIME AT ITS SOLE DISCRETION WITHOUT NOTICE. FURTHER, ALL INFORMATION CONVEYED HEREBY IS PROVIDED TO USERS 'AS IS.' IN NO EVENT SHALL OPTO 22 BE LIABLE FOR ANY DAMAGES OF ANY KIND INCLUDING DIRECT, INDIRECT INCIDENTAL, CONSEQUENTIAL, LOSS PROFIT, OR DAMAGE, EVEN IF OPTO 22 HAS BEEN ADVISED ON THE POSSIBILITY OF SUCH DAMAGES.

OPTO 22 DISCLAIMS ALL WARRANTIES WHETHER EXPRESSED OR IMPLIED WITH RESPECT TO THE INFORMATION (INCLUDING HARDWARE, SOFTWARE, AND/OR FIRMWARE) PROVIDED HEREBY, INCLUDING THE IMPLIED WARRANTIES OF FITNESS FOR A PARTICULAR PURPOSE, MERCHANTIBILITY, AND NON-INFRINGEMENT. Note that certain jurisdictions do not sanction the exclusion of implied warranties: thus, this disclaimer may not apply to you.

Copyright © 2024 Opto 22. All rights reserved.