This vulnerability can be exploited by hackers to get remote code execution on the system of the victim as it is a part of SAP software. This might result in stealing sensitive information, unauthorized access to the system or denial of service of the targeted system. EAAmiga Interchange File Format (.iff) is used to exchange data between SAP components and is present in many modules like XSADM, SAP_BPC_Compliance, SAP_R3 or SAP_BPC. Due to lack of proper memory management in SAP 3D Visual Enterprise Viewer - version 9, when a victim opens a manipulated EAAmiga Interchange File Format (.iff, 2d.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory. This vulnerability can be exploited by hackers to get remote code execution on the system of the victim as it is a part of SAP software. This might result in stealing sensitive information, unauthorized access to the system or denial of service of the targeted system.
Vulnerability Scenario
A user opens a .iff file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9 and triggers Remote Code Execution as the malicious payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory.
SAP Software Overview
SAP is a software company that provides business management solutions, including software and services. SAP has been around since 1972 and is headquartered in Walldorf, Germany. SAP develops products for every industry, such as healthcare and manufacturing to name a few. SAP has over 350,000 customers worldwide with 75% of them in Europe.
SAP Risk Assessment
One of the responsibilities of SAP is to maintain a secure environment for their customers. They have been working hard to help find and fix vulnerabilities in software and keep customers’ information safe. They are currently investigating this vulnerability with EAAmiga Interchange File Format (.iff) as well as other modules.
SAP also provides recommendations for mitigating risks on their website, which can be found here:
- https://sap.com/en/support/security-guidance/13345
- https://www.sap.com/en/support/security-guidance/1628
SAP 3D Visual Enterprise Viewer – version 9
SAP 3D Visual Enterprise Viewer - version 9 is the latest version of a file viewer for SAP. It is used to view files in various formats like .dwg, .dxf, .sldprt and others. This tool is an alternative for users who prefer to work with these types of files instead of using MS Office or Google Drive.
Timeline
Published on: 10/11/2022 21:15:00 UTC
Last modified on: 10/12/2022 20:18:00 UTC