Remote Code Execution Vulnerability in SAP 3D Visual Enterprise Author
CVE-2022-41177
7.8HIGH
What is CVE-2022-41177?
A vulnerability exists in SAP 3D Visual Enterprise Author version 9, where improper memory management allows a malicious user to exploit the system. By opening a specially crafted Iges Part and Assembly (.igs, .iges) file received from an untrusted source, attackers can potentially execute arbitrary code on the victim's machine. This is due to a stack-based overflow or the re-use of a dangling pointer, which points to memory space that has been overwritten. Users are advised to avoid opening suspicious files to protect their systems.
Affected Version(s)
SAP 3D Visual Enterprise Author 9