CVE-2022-26107

Name of the Vulnerable Software and Affected Versions SAP 3D Visual Enterprise Viewer version 9.0

Description The issue occurs when a user opens a manipulated Jupiter Tesselation (.jt, JTReader.x3d) file from untrusted sources, causing the application to crash and become temporarily unavailable until it is restarted. This is related to an out-of-bounds write remote code execution issue during JT file parsing.

Recommendations For SAP 3D Visual Enterprise Viewer version 9.0, avoid opening .jt or .x3d files from untrusted sources until a fix is available. As a temporary workaround, consider restricting access to the JT file parsing functionality to minimize the risk of exploitation.