CVE-2022-39803 Memory management issues in ACIS Part and Assembly files make it possible for a victim to be exploited and executed remote code.

According to the SAP Security Advisory, it is possible that the attacker can send an email with a malicious link, visit a website with an exploit kit, or deliver ACIS Part and Assembly files as part of a malicious document from an untrusted source. Due to lack of proper memory management, it is possible for an attacker to overwrite certain areas of memory with attacker’s own values and this can be done without any notification from OS or without any response from the application. Due to lack of proper memory management, it is possible for an attacker to overwrite certain areas of memory with attacker’s own values and this can be done without any notification from OS or without any response from the application. An attacker can send a malicious document, email or website that spreads a part or assembly file with a malicious content. Once downloaded, the ACIS Part and Assembly file can be executed.

CVE-2023-39804

According to the SAP Security Advisory, a memory leak issue is possible in one of the components that may allow an attacker to gain unauthorized access.
An attacker can send a malicious document, email or website that spreads a part or assembly file with a malicious content. Once downloaded, the ACIS Part and Assembly file can be executed. Furthermore, an attacker can exploit this vulnerability by sending an email with a malicious link or visiting a website with an exploit kit.

CVE-2021-38901

According to the SAP Security Advisory, it is possible that the attacker can send an email with a malicious link, visit a website with an exploit kit, or deliver ACIS Part and Assembly files as part of a malicious document from an untrusted source. Due to lack of proper memory management, it is possible for an attacker to overwrite certain areas of memory with attacker’s own values and this can be done without any notification from OS or without any response from the application.

How to check if my system is vulnerable to CVE-2022?

The system can check if it is vulnerable by running the following command:

Vulnerability details

The vulnerability exists in the way that some components are written to memory. When this happens, it is possible for an attacker to overwrite certain areas of memory with their own values and this can be done without any notification from OS or without any response from the application.

Installing the Dependency Walker

It is possible to find the type of vulnerability that is exploitable in SAP and this can be done by using the Dependency Walker tool. This tool is available as a free download on SAP Security site.

Timeline

Published on: 10/11/2022 21:15:00 UTC
Last modified on: 10/12/2022 19:54:00 UTC

References

• https://launchpad.support.sap.com/#/notes/3245929
• https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html
• https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-39803