VisuNet RM*, VisuNet PC*, Box Thin Client BTC* (All products within these families)
A remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations. An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
See details on Microsoft Advisory CVE-2021-34527 (https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-34527)
Windows Print Spooler Remote Code Execution Vulnerability
An attacker could install programs; view, change, or delete data; or create new accounts with full user rights.
Customers using Pepperl+Fuchs HMI devices out of VisuNet RM*, VisuNet PC* or Box Thin Client BTC* product families should follow these guidelines:
Please check the P+F website regularly for Windows security updates and use our security update service to be informed about the latest security incidents. We will inform you as soon as Microsoft releases further security updates and measures for existing vulnerabilities.
For Support please contact your local Pepperl+Fuchs sales representative.
Coordinated by CERT@VDE