CVE-2022-32236
MEDIUMSAP 3D Visual Enterprise Viewer < 9.0 - Denial of Service via Malformed BMP File
Title source: llmDescription
When a user opens manipulated Windows Bitmap (.bmp, 2d.x3d) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application.
References (2)
Core 2
Core References
Vendor Advisory x_refsource_misc
https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html
Permissions Required, Vendor Advisory x_refsource_misc
https://launchpad.support.sap.com/#/notes/3206271
Scores
CVSS v3
5.5
EPSS
0.0014
EPSS Percentile
34.0%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Details
CWE
CWE-20
Status
published
Products (1)
sap/3d_visual_enterprise_viewer
< 9.0
Published
Jun 14, 2022
Tracked Since
Feb 18, 2026