CVE Radar

CVE Radar Logo
CVERadar

Edition used by more than 30,000 companies in more than 150 countries.
Sign Up For Free

CVE-2022-39806

High Severity|Sap
55
SVRS
7.8
CVSSv3
0.00515
EPSS
TAGSNo tags available
VECTOR STRING
CVSS:3.1AV:LAC:LPR:NUI:RS:UC:HI:HA:H
PUBLICATION DATE2022-10-11
LAST MODIFIED2024-08-03

Security Intelligence Brief

1. What is this vulnerability and why does it matter?
This vulnerability (CVE-2022-39806) is a Remote Code Execution (RCE) flaw found in SAP 3D Visual Enterprise Author, specifically version 9. It stems from a lack of proper memory management, which can lead to a stack-based overflow or the reuse of a dangling pointer when a user opens a specially crafted SolidWorks Drawing (.slddrw) file. This is critical because RCE vulnerabilities allow an attacker to execute arbitrary code on the victim's system, potentially leading to complete system compromise, data theft, or further network penetration.
2. What are the CVSS score, severity level, and disclosure details?
The CVSS score for this vulnerability is 7.8. This indicates a High severity level. The vulnerability was publicly published on October 11, 2022, and was last modified on August 3, 2024.
3. Which products, vendors, systems, and versions are affected?
  • Vendor: SAP
  • Product: SAP 3D Visual Enterprise Author
  • Versions Affected: version 9
  • Systems: Systems where SAP 3D Visual Enterprise Author - version 9 is installed and used to open SolidWorks Drawing files (e.g., Windows operating systems).
4. What is the technical root cause and attack vector?

The technical root cause is a lack of proper memory management within the CoreCadTranslator.exe component of SAP 3D Visual Enterprise Author. This deficiency can lead to:

  • A stack-based buffer overflow (CWE-119)
  • The reuse of a dangling pointer which refers to overwritten memory space (CWE-787)

The attack vector involves a victim opening a manipulated SolidWorks Drawing (.slddrw) file. This file, received from an untrusted source, contains a malicious payload designed to exploit the memory management flaws.

5. How can this vulnerability be exploited?
Exploitation occurs when an attacker crafts a malicious SolidWorks Drawing (.slddrw) file. This file, when opened by a victim using SAP 3D Visual Enterprise Author - version 9, triggers the memory corruption vulnerability (either a stack-based overflow or a dangling pointer reuse). The malicious payload embedded within the file can then force the execution of arbitrary code on the victim's system, leading to Remote Code Execution. The primary method of delivery for such a file would likely be via social engineering, such as phishing emails or malicious websites.
7. How can vulnerable systems be detected?
Vulnerable systems can be detected by identifying installations of SAP 3D Visual Enterprise Author. Specifically, any instance running version 9 of the software is susceptible. Organizations should maintain an accurate software inventory to easily identify all installations of this product and their respective versions.
10. What public intelligence references and advisories exist?
  • CVE ID: CVE-2022-39806
  • CWE IDs: CWE-119 (Improper Restriction of Operations within the Bounds of a Memory Buffer), CWE-787 (Out-of-bounds Write)
11. What is the risk assessment and urgency level?

Risk Assessment: The risk associated with CVE-2022-39806 is High. With a CVSS score of 7.8 and the potential for Remote Code Execution (RCE), successful exploitation could lead to full compromise of the affected system. This includes unauthorized access, data manipulation, privilege escalation, and lateral movement within the network.

Urgency Level: The urgency level is High. Organizations using SAP 3D Visual Enterprise Author version 9 should prioritize addressing this vulnerability immediately. Given that exploitation relies on user interaction (opening a malicious file), security awareness training is also crucial to reduce the likelihood of successful social engineering attacks.

No IOCs found for this CVE

No exploits found for this CVE

SOCRadar Logo

Enhance Your CVE Management with SOCRadar Vulnerability Intelligence

Get comprehensive CVE details, real-time notifications, and proactive threat management all in one platform.

CREATE FREE ACCOUNT
CVE Details
Access comprehensive CVE information instantly
Real-time Tracking
Subscribe to CVEs and get instant updates
Exploit Analysis
Monitor related APT groups and threats
IOC Tracking
Analyze and track CVE-related IOCs
CVE-2022-39806 | SAP 3D Visual Enterprise Author 9 SLDDRW File CoreCadTranslator.exe memory corruption (EUVD-2022-42251)
vuldb.com2026-07-03
CVE-2022-39806 | SAP 3D Visual Enterprise Author 9 SLDDRW File CoreCadTranslator.exe memory corruption (EUVD-2022-42251) | A vulnerability described as critical has been identified in SAP 3D Visual Enterprise Author 9. Affected by this issue is some unknown functionality of the file CoreCadTranslator.exe of the component SLDDRW File Handler. The manipulation results in memory corruption. This vulnerability is cataloged as
vuldb.comrssforumnews
CVE-2022-39806 | SAP 3D Visual Enterprise Author 9 SLDDRW File CoreCadTranslator.exe memory corruption
vuldb.com2026-02-25
CVE-2022-39806 | SAP 3D Visual Enterprise Author 9 SLDDRW File CoreCadTranslator.exe memory corruption | A vulnerability described as critical has been identified in SAP 3D Visual Enterprise Author 9. Affected by this issue is some unknown functionality of the file CoreCadTranslator.exe of the component SLDDRW File Handler. The manipulation results in memory corruption. This vulnerability is cataloged as CVE-2022-39806
vuldb.comrssforumnews

No tweets found for this CVE

Configuration 1
TypeVendorProduct
AppSap3d_visual_enterprise_author
ReferenceLink
MITREhttps://launchpad.support.sap.com/#/notes/3245929
MITREhttps://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html
MISChttps://launchpad.support.sap.com/#/notes/3245929
MISChttps://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html
MISChttps://launchpad.support.sap.com/#/notes/3245929
MISChttps://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html
GITHUBhttps://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html
GITHUBhttps://launchpad.support.sap.com/#/notes/3245929
GITHUBhttps://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html
AF854A3A-2127-422B-91AE-364DA2661108https://launchpad.support.sap.com/%23/notes/3245929
[email protected]https://launchpad.support.sap.com/%23/notes/3245929
CWE IDCWE NameDescription
CWE-119Improper Restriction of Operations within the Bounds of a Memory BufferThe software performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.
CWE-787Out-of-bounds WriteThe software writes data past the end, or before the beginning, of the intended buffer.

CVE Radar

Real-time CVE Intelligence & Vulnerability Management Platform

CVE Radar provides comprehensive vulnerability intelligence by monitoring CVE databases, security advisories, and threat feeds. Get instant updates on new vulnerabilities, exploit details, and mitigation strategies specific to your assets.