CVE-2021-27587

Name of the Vulnerable Software and Affected Versions SAP 3D Visual Enterprise Viewer version 9

Description The issue occurs when a user opens manipulated Jupiter Tessellation (.JT) format files received from untrusted sources, causing the application to crash and become temporarily unavailable until restart. This happens due to an out-of-bounds write and null pointer dereference in the JT file parsing mechanism.

Recommendations For SAP 3D Visual Enterprise Viewer version 9, consider avoiding the use of JT format files from untrusted sources until a patch is available. As a temporary workaround, restrict the opening of JT files to trusted sources only to minimize the risk of exploitation.