CVE-2022-27654: Input Validation
First published: Tue Apr 12 2022(Updated: )
When a user opens a manipulated Photoshop Document (.psd, 2d.x3d) received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9.0, the application crashes and becomes temporarily unavailable to the user until restart of the application.
Credit: cna@sap.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| SAP 3D Visual Enterprise Viewer | =9 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2022-27654?
The severity of CVE-2022-27654 is medium with a severity value of 6.5.
What is affected by CVE-2022-27654?
SAP 3D Visual Enterprise Viewer version 9.0 is affected by CVE-2022-27654.
How does CVE-2022-27654 affect the application?
When a user opens a manipulated Photoshop Document received from untrusted sources in SAP 3D Visual Enterprise Viewer version 9.0, the application crashes and becomes temporarily unavailable until restart.
How can the application be temporarily restored after the crash caused by CVE-2022-27654?
To restore the application after the crash caused by CVE-2022-27654, the user needs to restart the application.
Is there any official reference for CVE-2022-27654?
Yes, you can find more information about CVE-2022-27654 in SAP Note 3143437 and the SAP document.
- collector/nvd-index
- agent/references
- agent/author
- agent/severity
- agent/weakness
- agent/type
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/description
- agent/tags
- agent/event
- collector/mitre-cve
- source/MITRE
- vendor/sap
- canonical/sap 3d visual enterprise viewer
- version/sap 3d visual enterprise viewer/9