CVE-2021-27587

7.8 HIGH

📋 TL;DR

CVE-2021-27587 is a denial-of-service vulnerability in SAP 3D Visual Enterprise Viewer version 9: opening a malicious Jupiter Tessellation (.JT) file crashes the application. It affects users who open untrusted JT files, and the viewer remains unavailable until it is restarted.

💻 Affected Systems

Products:
  • SAP 3D Visual Enterprise Viewer
Versions: Version 9
Operating Systems: Windows, Linux
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects version 9; earlier versions may be unaffected but not officially confirmed.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete application crash requiring restart, potentially disrupting workflows if critical files need viewing.

🟠 Likely Case

Temporary application unavailability when users accidentally open malicious JT files from untrusted sources.

🟢 If Mitigated

No impact if users only open trusted JT files or have patched the application.

🌐 Internet-Facing: LOW - The viewer is typically not internet-facing; exploitation requires user interaction with malicious files.
🏢 Internal Only: MEDIUM - Internal users could be targeted via phishing or shared malicious files, causing productivity disruption.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW - Requires user to open a malicious file.

Exploitation is straightforward but requires social engineering to deliver malicious JT files.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Apply SAP Note 3027758

Vendor Advisory: https://launchpad.support.sap.com/#/notes/3027758

Restart Required: Yes

Instructions:

1. Download patch from SAP Note 3027758.
2. Install according to SAP instructions.
3. Restart the application.

🔧 Temporary Workarounds

Restrict JT file handling (all)

Block users from opening JT files from untrusted sources, or warn them before they do.

Use alternative viewer (all)

Temporarily use a different 3D viewer for JT files until patched.

🧯 If You Can't Patch

  • Educate users to avoid opening JT files from unknown or untrusted sources.
  • Implement application whitelisting to restrict execution of unpatched viewer versions.

🔍 How to Verify

Check if Vulnerable:

Check if SAP 3D Visual Enterprise Viewer version 9 is installed without SAP Note 3027758 applied.

Check Version:

Check application 'About' dialog or consult SAP documentation for version details.

Verify Fix Applied:

Verify SAP Note 3027758 is installed and application version is updated.

📡 Detection & Monitoring

Log Indicators:

  • Application crash logs related to JT file parsing
  • Error messages mentioning Jupiter Tessellation or .JT files

Network Indicators:

  • Unusual inbound transfers of JT files to user workstations

SIEM Query:

Search for 'SAP 3D Visual Enterprise Viewer' crash events or .JT file access patterns.
