Release notes
- Last UpdatedOct 13, 2023
- 3 minute read
PI Connector for EtherNet/IP
1.2.9.0
Overview
The 1.2.9.0 release of the PI Connector for EtherNet/IP is a maintenance release that updates the AF Client Dependency to 2018 SP3 Patch 2.
Fixes and Enhancements
Fixes
There are no fixes with this release.
Enhancements
There are no enhancements with this release.
Known Issues
There are no known issues with this release.
System Requirements
Operating Systems
This release supports Windows 10.
Server Platforms
This release supports Windows Server 2019, Windows Server 2016, and Windows Server 2012 R2.
Distribution Kit Files
|
Product |
Software Version |
|---|---|
|
Microsoft .NET Framework 4.8 Setup |
4.8 |
|
Microsoft Visual C++ 2019 Redistributable (x86) |
14.21.27702.2 |
|
Microsoft Visual C++ 2019 Redistributable (x64) |
14.21.27702.2 |
|
PI AF Client 2018 SP3 Patch 2 |
2.10.8.440 |
|
PI Connector for EtherNet/IP |
1.2.9.0 |
Installation and Upgrade
Installing PI Connector for EtherNet/IP
Refer to the Install the connector section.
Uninstalling PI Connector for EtherNet/IP
Refer to the Uninstall the connector section.
Security information and guidance
We are committed to releasing secure products. This section is intended to provide relevant security-related information to guide your installation or upgrade decision.
We proactively disclose aggregate information about the number and severity of security vulnerabilities addressed in each release. The tables below provide an overview of security issues addressed and their relative severity based on standard scoring.
No additional security vulnerabilities are applicable to this release.
Overview of New Vulnerabilities Found or Fixed
For this release of PI Connector for EtherNet/IP, three high security vulnerabilities have been identified and fixed. The category of High (7.0 - 8.9) is based on the CVSS scoring system. These high-level security issues have been resolved in the PI Connector for EtherNet/IP itself and PI AF Client 2018 SP3 Patch 2 sub-component which have been packaged in this release. To reduce exposure to these security issues, upgrade to the latest release.
Subcomponents of this release contain known vulnerabilities which are not exploitable in PI Connector for EtherNet/IP.
This table lists the known vulnerabilities along with their mitigation in this product.
|
Component |
Version |
CVE or Reference |
CVSS |
Mitigation |
|---|---|---|---|---|
|
jQuery |
2.1.3 |
jQuery 2.2 and 1.12 Released (https://blog.jquery.com/2016/01/08/jquery-2-2-and-1-12-released/) |
7.9 |
The referenced component uglify.js is not used in this product’s development process. |
|
jQuery |
2.1.3 |
CVE-2015-9251 |
6.1 |
No cross-domain AJAX requests are made. |
|
jQuery |
2.1.3 |
CVE-2019-11358 |
6.1 |
Input is sanitized for all calls to the referenced ‘extend’ function. |
|
jQuery |
2.1.3 |
https://github.com/jquery/jquery/issues/2965 |
8.6 |
Input is sanitized for all calls to the referenced ‘parseHTML’ function. |
|
jQuery UI |
1.8.23 |
CVE-2016-7103 |
6.1 |
The referenced property ‘closeText’ is not used. |
|
jQuery UI |
1.8.23 |
CVE-2010-5312 |
4.3 |
The referenced “jQuery UI dialog” widget is not used. |
|
Knockout JS |
3.3.0 |
https://github.com/knockout/knockout/issues/1244 |
8.6 |
This product is not supported for use in Internet Explorer 7 (IE7). |
|
Knockout JS |
3.3.0 |
CVE-2019-14862 |
6.1 |
This product is not supported for use in Internet Explorer 7 (IE7). |
|
Bouncy Castle |
1.8.1 |
CVE-2020-15522 |
5.9 |
This vulnerability does not apply to PI Connectors because they do not use ECDSA Encryption. |
Microsoft Software Security Defenses
In addition to finding and fixing security bugs within the PI Connector for EtherNet/IP, it is equally critical that we leverage security defenses provided by the Microsoft Visual C++ compiler that builds it and the Microsoft Windows operating system that runs it. Over the past decade, Microsoft has continually added new defenses and improved existing defenses with successive versions of the compiler and the operating system. To learn more about many of these key defenses, consult the Microsoft white paper, Mitigating Software Vulnerabilities (https://download.microsoft.com/download/5/0/5/505646ED-5EDF-4E23-8E84-6119E4BF82E0/Mitigating_Software_Vulnerabilities.pdf)