CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-32236 – SAP 3D Visual Enterprise Viewer BPM File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-32236
When a user opens manipulated Windows Bitmap (.bmp, 2d.x3d) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application. Cuando un usuario abre archivos manipulados de mapa de bits de Windows (.bmp, 2d.x3d) recibidos de fuentes no confiables en SAP 3D Visual Enterprise Viewer, la aplicación es bloqueada y deja de estar disponible temporalmente para el usuario hasta que sea reiniciada la aplicación This vulnerability allows remote attackers to execute arbitrary code on affected installations of SAP 3D Visual Enterprise Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of BMP files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. • https://launchpad.support.sap.com/#/notes/3206271 https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-32235 – SAP 3D Visual Enterprise Viewer DWG File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-32235
When a user opens manipulated AutoCAD (.dwg, TeighaTranslator.exe) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application. Cuando un usuario abre archivos manipulados de AutoCAD (.dwg, TeighaTranslator.exe) recibidos de fuentes no confiables en SAP 3D Visual Enterprise Viewer, la aplicación es bloqueada y deja de estar disponible temporalmente para el usuario hasta que sea reiniciada la aplicación This vulnerability allows remote attackers to execute arbitrary code on affected installations of SAP 3D Visual Enterprise Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DWG files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated data structure. An attacker can leverage this vulnerability to execute code in the context of the current process. • https://launchpad.support.sap.com/#/notes/3206271 https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html • CWE-20: Improper Input Validation •
CVSS: 8.8EPSS: 0%CPEs: 10EXPL: 0CVE-2022-31595
https://notcve.org/view.php?id=CVE-2022-31595
SAP Financial Consolidation - version 1010,�does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. SAP Financial Consolidation - versión 1010,... no lleva a cabo las comprobaciones de autorización necesarias para un usuario autenticado, resultando en una escalada de privilegios • https://launchpad.support.sap.com/#/notes/3158815 https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html • CWE-862: Missing Authorization •
CVSS: 7.2EPSS: 0%CPEs: 11EXPL: 0CVE-2022-31594
https://notcve.org/view.php?id=CVE-2022-31594
A highly privileged user can exploit SUID-root program to escalate his privileges to root on a local Unix system. Un usuario con altos privilegios puede explotar el programa SUID-root para escalar sus privilegios a root en un sistema Unix local • https://launchpad.support.sap.com/#/notes/3155571 https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html • CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-31590
https://notcve.org/view.php?id=CVE-2022-31590
SAP PowerDesigner Proxy - version 16.7, allows an attacker with low privileges and has local access, with the ability to work around system’s root disk access restrictions to Write/Create a program file on system disk root path, which could then be executed with elevated privileges of the application during application start up or reboot, potentially compromising Confidentiality, Integrity and Availability of the system. SAP PowerDesigner Proxy - versión 16.7, permite a un atacante con bajos privilegios y con acceso local, con la capacidad de trabajar alrededor de las restricciones de acceso al disco root del sistema para Escribir/Crear un archivo de programa en la ruta root del disco del sistema, que luego podría ser ejecutado con altos privilegios de la aplicación durante el inicio o reinicio de la aplicación, potencialmente comprometiendo la Confidencialidad, Integridad y Disponibilidad del sistema • https://launchpad.support.sap.com/#/notes/3197005 https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html • CWE-428: Unquoted Search Path or Element •