ACTIVELY EXPLOITED3 sources verified·1 min read
By Lyrie Threat Intelligence·4/15/2022
CVE-2018-7841 added to CISA KEV: Schneider Electric U.motion Builder
Status: ✅ Confirmed exploited in the wild
Date added: 2022-04-15
Required action: The impacted product is end-of-life and should be disconnected if still in use.
Due date: 2022-05-06
Why this matters
A SQL Injection vulnerability exists in U.motion Builder software which could cause unwanted code execution when an improper set of characters is entered.
Sources
Lyrie Verdict
Lyrie's autonomous detection layer catches active exploitation primitives at machine speed — closing the gap between disclosure and weaponization that traditional defense simply can't cover.