PT-2022-15508 · Sap · Sap 3D Visual Enterprise Viewer
Published
2022-02-09
·
Updated
2022-10-26
·
CVE-2022-22539
CVSS v3.1
6.5
Medium
| Vector | AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
SAP 3D Visual Enterprise Viewer version 9.0
Description
The issue occurs when a user opens a manipulated JPEG file format received from untrusted sources, causing the application to crash and become temporarily unavailable until restart.
Recommendations
For SAP 3D Visual Enterprise Viewer version 9.0, avoid opening JPEG files from untrusted sources until a fix is available. As a temporary workaround, consider restricting the use of the JPEG file parsing functionality to minimize the risk of exploitation.
Fix
RCE
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Sap 3D Visual Enterprise Viewer