Remote Code Execution Vulnerability in SAP 3D Visual Enterprise Author
CVE-2022-39806
7.8HIGH
What is CVE-2022-39806?
A vulnerability exists in SAP 3D Visual Enterprise Author due to improper memory management when processing SolidWorks Drawing files. When an unsuspecting user opens a specially crafted .slddrw file from an untrusted source, it can lead to a stack-based overflow or the use of a dangling pointer that refers to overwritten memory. This flaw may allow attackers to execute arbitrary code, compromising system integrity and security.
Affected Version(s)
SAP 3D Visual Enterprise Author 9