First published: Tue Jul 03 2018(Updated: )
In Schneider Electric U.motion Builder software versions prior to v1.3.4, this exploit occurs when the submitted data of an input string is evaluated as a command by the application. In this way, the attacker could execute code, read the stack, or cause a segmentation fault in the running application.
Credit: cybersecurity@se.com
Affected Software | Affected Version | How to fix |
---|---|---|
Schneider-electric U.motion | <1.3.4 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.