CVE-2022-41200

7.8 HIGH

📋 TL;DR

This vulnerability in SAP 3D Visual Enterprise Viewer allows remote code execution when a user opens a malicious SVG file. Attackers can exploit memory management flaws to execute arbitrary code on the victim's system. Users of SAP 3D Visual Enterprise Viewer version 9 are affected.

💻 Affected Systems

Products:
  • SAP 3D Visual Enterprise Viewer
Versions: Version 9
Operating Systems: Windows, Linux
Default Config Vulnerable: ⚠️ Yes
Notes: All installations of version 9 are vulnerable when opening SVG files from untrusted sources.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴 Worst Case

Full system compromise with attacker gaining complete control over the victim's machine, enabling data theft, lateral movement, and persistent access.

🟠 Likely Case

Malware installation, data exfiltration, or ransomware deployment on individual workstations where users open malicious SVG files.

🟢 If Mitigated

Limited impact with proper security controls, potentially isolated to the application sandbox if present.

🌐 Internet-Facing: MEDIUM
🏢 Internal Only: HIGH

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: MEDIUM

Exploitation requires user interaction (opening malicious file) but no authentication. Memory corruption vulnerabilities can be complex to exploit reliably.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Apply SAP Security Note 3245928

Vendor Advisory: https://launchpad.support.sap.com/#/notes/3245928

Restart Required: Yes

Instructions:

1. Download the patch from the SAP Support Portal.
2. Apply SAP Security Note 3245928.
3. Restart affected systems.
4. Verify installation.

🔧 Temporary Workarounds

Disable SVG file association (Platform: all)

Prevent SVG files from opening in SAP 3D Visual Enterprise Viewer by default.

Windows: Use Default Programs settings to change the SVG file association
Linux: Update MIME-type associations

Application control (Platform: all)

Restrict execution of SAP 3D Visual Enterprise Viewer to trusted users only.

🧯 If You Can't Patch

  • Block SVG files at email gateways and web proxies
  • Implement user training to avoid opening SVG files from untrusted sources

🔍 How to Verify

Check if Vulnerable:

Check if SAP 3D Visual Enterprise Viewer version 9 is installed without Security Note 3245928 applied

Check Version:

Check application version in About dialog or installation directory

Verify Fix Applied:

Verify Security Note 3245928 is installed and version information updated

📡 Detection & Monitoring

Log Indicators:

  • Application crashes when opening SVG files
  • Unusual process creation from SAP 3D Visual Enterprise Viewer

Network Indicators:

  • Downloads of SVG files followed by application execution

SIEM Query:

Process creation where parent_process contains 'SAP 3D Visual Enterprise Viewer' AND process_name NOT IN (expected_processes)
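As an added example (not from this page or from SAP), the SIEM query above expressed as a script run over constructed process-creation events; the viewer's install path and executable name, the child-process allowlist, and the event field names are assumptions you would replace with your own telemetry schema:

```python
"""Triage process-creation events for unexpected children of the viewer.

Assumptions (constructed): events are newline-delimited JSON with the
fields 'host', 'parent_image', 'image' and 'cmdline'. The viewer path and
the allowlist below are placeholders, not values from SAP.
"""
import json

# Substring matched against the parent image, mirroring the page's query.
VIEWER_MARKER = "SAP 3D Visual Enterprise Viewer"

# Hypothetical allowlist of children the viewer is expected to spawn.
EXPECTED_CHILDREN = {"conhost.exe", "werfault.exe"}

# Constructed sample telemetry, not real logs. 'VEViewer.exe' is a placeholder.
VIEWER = r"C:\Program Files\SAP\SAP 3D Visual Enterprise Viewer\VEViewer.exe"
SAMPLE_EVENTS = "\n".join([
    json.dumps({"host": "ws01", "parent_image": VIEWER,
                "image": r"C:\Windows\System32\conhost.exe", "cmdline": "conhost.exe"}),
    json.dumps({"host": "ws01", "parent_image": VIEWER,
                "image": r"C:\Windows\System32\cmd.exe", "cmdline": "cmd.exe /c whoami"}),
    json.dumps({"host": "ws02", "parent_image": r"C:\Windows\explorer.exe",
                "image": r"C:\Windows\System32\cmd.exe", "cmdline": "cmd.exe"}),
    "this line is not json and must be skipped",
])


def basename(path):
    """Return the lowercase file name from a Windows or POSIX path."""
    return path.replace("\\", "/").rsplit("/", 1)[-1].lower()


def parse_events(text):
    """Yield parsed JSON events, skipping blank or malformed lines."""
    for line in text.splitlines():
        try:
            yield json.loads(line)
        except ValueError:
            continue


def find_suspicious_children(text, marker=VIEWER_MARKER, expected=EXPECTED_CHILDREN):
    """Return children of the viewer whose image is not in the allowlist."""
    hits = []
    for ev in parse_events(text):
        parent = ev.get("parent_image", "")
        if marker.lower() not in parent.lower():
            continue  # parent_process does not contain the viewer name
        child = basename(ev.get("image", ""))
        if child in expected:
            continue  # process_name is in expected_processes
        hits.append({"host": ev.get("host", ""), "parent": basename(parent),
                     "child": child, "cmdline": ev.get("cmdline", "")})
    return hits
```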
