Cybersecurity Alerts

Schneider Electric U.motion Builder SQL Injection Vulnerability

A SQL Injection vulnerability exists in U.motion Builder software which could cause unwanted code execution when an improper set of characters is entered.

Required Action

The impacted product is end-of-life and should be disconnected if still in use.

Weakness Classification

CWE-89

References

• https://nvd.nist.gov/vuln/detail/CVE-2018-7841