An attacker can deliver the malicious .obj file to victims in many ways, such as phishing email, website lured with malicious ads, etc. Once the Wavefront Object is opened in SAP 3D Visual Enterprise Viewer - version 9, the following can happen:
The viewer loads the malicious .obj file and attempts to parse it.
The .obj file may have a certificate issue or other issues that causes the file to be blocked.
The .obj file may have an internal validation issue that causes the file to be blocked.
The .obj file may have an external validation issue that causes the file to be blocked.
The .obj file may have any other issue that causes the file to be blocked.
The .obj file may have an internal validation issue that causes the file to be blocked.
A blocked file causes an error message to be displayed, such as:
When a blocked file is opened, the following can happen:
The viewer attempts to parse the malicious .obj file.
The viewer loads the malicious .obj file and attempts to parse it.
As the .obj file is blocked, the viewer may display any of the below error messages:
In the above screenshot, the viewer is blocked because of the file extension.
When the viewer loads the malicious .obj file and attempts to parse it, the following can happen:
The viewer attempts to
##.What is a Wavefront OBJ file?
A Wavefront Object file (.obj) is an Open3D file that is commonly used by 3D software. These files are typically saved in the Wavefront OBJ file format and are often the result of a three-dimensional model being imported into 3D software.
Timeline
Published on: 10/11/2022 21:15:00 UTC
Last modified on: 10/12/2022 20:20:00 UTC