Remote Code Execution Vulnerability in SAP 3D Visual Enterprise Author
CVE-2022-41167
7.8HIGH
What is CVE-2022-41167?
A vulnerability exists in SAP 3D Visual Enterprise Author version 9 that is linked to improper memory management. An attacker could exploit this vulnerability by sending a manipulated AutoCAD (.dwg) file to a victim. When the victim opens this file in the affected software, it could result in remote code execution due to stack-based overflow or re-use of a dangling pointer that refers to compromised memory space. This exploitation could lead to unauthorized actions on the victim’s system, putting sensitive information at risk.
Affected Version(s)
SAP 3D Visual Enterprise Author 9