In this case, SAP system will be under a high risk of being hacked, as the attacker will be able to control every single system action executed by this infected device.
When an SAP system process is opened in SAP 3D Visual Enterprise Author - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory. In this case, SAP system will be under a high risk of being hacked, as the attacker will be able to control every single system action executed by this infected device.
If your system has been infected with Remote Code Execution vulnerability, you need to protect it as soon as possible. To avoid these vulnerable systems from being hacked, you need to upgrade your system to the latest version by following the guide provided in this article.
Remote Code Execution in SAP 3D Visual Enterprise Author - version 9
A Remote Code Execution vulnerability in SAP 3D Visual Enterprise Author - version 9 is triggered when an attacker uses a stack-based overflow or a re-use of dangling pointer with overwritten space in memory, the address of which can be programmed by the attacker.
If your system has been infected with Remote Code Execution vulnerability, you need to protect it as soon as possible. To avoid these vulnerable systems from being hacked, you need to upgrade your system to the latest version by following the guide provided in this article.
Step 1: Check your SAP version
Systems that have been infected with Remote Code Execution vulnerability are most likely running on version 3D Visual Enterprise Author - version 9. To check your SAP version, please follow the steps below:
1. Login to the SAP system as an administrator
2. Click “Settings” in the top-left corner of the screen
3. On the left-hand pane, click “System Administration” and then “SAP Status Report”
4. The “SAP Version 7/8/9” should be listed on this page under “Downloaded Software” and you can find your installed service pack by following this link: "Service Pack"
5. If your systems is running on a vulnerable version, you need to upgrade it as soon as possible by following this article's guidance or contact professional services in order to investigate and fix the issue
Timeline
Published on: 10/11/2022 21:15:00 UTC
Last modified on: 10/12/2022 20:02:00 UTC