CVE-2022-41186
SAP 3D Visual Enterprise Viewer CGM File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Due to lack of proper memory management, when a victim opens manipulated Computer Graphics Metafile (.cgm, CgmCore.dll) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, a Remote Code Execution can be triggered when payload forces a stack-based overflow and or a re-use of dangling pointer which refers to overwritten space in memory.
Debido a una falta de administración apropiada de la memoria, cuando una víctima abre un archivo manipulado Computer Graphics Metafile (.cgm, CgmCore.dll) recibido de fuentes no confiables en SAP 3D Visual Enterprise Viewer - versión 9, puede desencadenarse una Ejecución de Código Remota cuando la carga útil fuerza un desbordamiento en la región stack de la memoria y o un reúso del puntero colgante que hace referencia a un espacio sobrescrito en la memoria
This vulnerability allows remote attackers to execute arbitrary code on affected installations of SAP 3D Visual Enterprise Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of CGM files. Crafted data in a CGM file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2022-09-21 CVE Reserved
- 2022-10-11 CVE Published
- 2024-08-03 CVE Updated
- 2024-09-25 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
- CWE-787: Out-of-bounds Write
CAPEC
References (1)
URL | Tag | Source |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html | 2024-01-25 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Sap Search vendor "Sap" | 3d Visual Enterprise Viewer Search vendor "Sap" for product "3d Visual Enterprise Viewer" | < 9.0 Search vendor "Sap" for product "3d Visual Enterprise Viewer" and version " < 9.0" | - |
Affected
|