VDB
CVE-2022-22537
CVE-2022-22537
PUBLISHED
CVSS 4.300000190734863 MEDIUM
When a user opens a manipulated Tagged Image File Format (.tiff, 2d.x3d)) received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9.0, the application crashes and becomes temporarily unavailable to the user until restart of the application. The file format details along with their CVE relevant information can be found below.
EPSS 0.38% · 59.7th percentile
Risk Scores
CVSS 2.0
4.300000190734863
EPSS Score
0.38%
59.7th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| SAP SE | SAP 3D Visual Enterprise Viewer | 9.0 |
| sap | 3d_visual_enterprise_viewer | 9 |
Exploit Intelligence
- https://launchpad.support.sap.com/#/notes/3134684 (circl)
- https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html (circl)
- EXPL_Log4j_CVE_2021_44228_Dec21_Hard_RID31D9.yar (github-yara)
- EXPL_Log4j_CVE_2021_44228_Dec21_Hard_RID31D9.yar (github-yara)
- EXPL_Log4j_CVE_2021_44228_Dec21_Hard_RID31D9.yar (github-yara)
- EXPL_Log4j_CVE_2021_44228_Dec21_Hard_RID31D9.yar (github-yara)
- SUSP_Base64_Encoded_Exploit_Indicators_Dec21_RID3732.yar (github-yara)
- SUSP_Base64_Encoded_Exploit_Indicators_Dec21_RID3732.yar (github-yara)
- SUSP_Base64_Encoded_Exploit_Indicators_Dec21_RID3732.yar (github-yara)
- SUSP_Base64_Encoded_Exploit_Indicators_Dec21_RID3732.yar (github-yara)
…and 108 more exploits
Timeline
- Jun 28, 2021 PoC Published
- Dec 11, 2021 PoC Published
- Dec 13, 2021 PoC Published
- Dec 18, 2021 PoC Published
- Feb 9, 2022 CVE Published
- Feb 10, 2022 EPSS Score
- Apr 3, 2022 EPSS Score
- May 26, 2022 EPSS Score
- Jun 7, 2022 PoC Published
- Jul 18, 2022 EPSS Score
- Sep 9, 2022 EPSS Score
- Sep 16, 2022 PoC Published