CVE-2018-7784

Summary

In Schneider Electric U.motion Builder software versions prior to v1.3.4, this exploit occurs when the submitted data of an input string is evaluated as a command by the application. In this way, the attacker could execute code, read the stack, or cause a segmentation fault in the running application.

Affected Software

VendorProductVersion RangeStatus
Schneider Electric SEU.motion BuilderU.motion Builder, all versions prior to 1.3.4affected

Weaknesses

  • Print Format Vulnerability

ADP Enrichment

CVE Program Container

Additional References

References