CVE-2021-27585

Name of the Vulnerable Software and Affected Versions SAP 3D Visual Enterprise Viewer version 9

Description The issue occurs when a user opens manipulated Computer Graphics Metafile (.CGM) format files received from untrusted sources, causing the application to crash and become temporarily unavailable until restart. This is related to a memory corruption and stack-based buffer overflow issue when parsing CGM files.

Recommendations For SAP 3D Visual Enterprise Viewer version 9, consider avoiding the use of CGM file parsing functionality until a patch is available. As a temporary workaround, restrict the opening of .CGM files from untrusted sources to minimize the risk of exploitation.