CVE-2018-7841
Schneider Electric U.motion Builder SQL Injection Vulnerability
CVSS
—
No CVSS
EPSS
72.5%
p99
KEV
YES
Apr 15, 2022
Exploit Today
80
0-100
Published: — · Last modified: —
72.5%EPSS · 30 days72.5%
2026-06-302026-07-16
Product
Schneider Electric / U.motion Builder
Vulnerability
Schneider Electric U.motion Builder SQL Injection Vulnerability
Added to KEV
Apr 15, 2022
Remediate by
May 6, 2022
Known ransomware use
No
Summary description
A SQL Injection vulnerability exists in U.motion Builder software which could cause unwanted code execution when an improper set of characters is entered.
Required action
The impacted product is end-of-life and should be disconnected if still in use.
Notes
https://nvd.nist.gov/vuln/detail/CVE-2018-7841
No related CVEs by CWE or product.