CVE-2018-7841 - Schneider Electric U.motion Builder SQL Injection Vulnerability
Project:Schneider Electric
Product:U.motion Builder
Date Added:2022-04-15Due Date:2022-05-06
Vulnerability Name
Schneider Electric U.motion Builder SQL Injection Vulnerability
Description
A SQL Injection vulnerability exists in U.motion Builder software which could cause unwanted code execution when an improper set of characters is entered.
Known To Be Used in Ransomware Campaigns?
Unknown
Action
The impacted product is end-of-life and should be disconnected if still in use.
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2018-7841