## SAP 3D Visual Enterprise Viewer GIF File Parsing Memory Corruption Remote Code Execution Vulnerability - **Identification:** - ZDI ID: ZDI-20-1166 - ZDI CAN ID: ZDI-CAN-11289 - CVE ID: CVE-2020-6349 - **Severity:** - CVSS Score: 7.8 - Vector: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H - **Affected Components:** - Vendor: SAP - Product: 3D Visual Enterprise Viewer - **Description:** - This vulnerability allows remote attackers to execute arbitrary code on targeted SAP 3D Visual Enterprise Viewer installations. It requires user interaction, as the victim must access a malicious web page or open a compromised file. - The vulnerability arises from insufficient validation of user-supplied data during the processing of GIF files, which may result in memory corruption and enable the attacker to execute code within the context of the current process. - **Mitigation:** - SAP has released an update to address this vulnerability. Additional information is available at: [https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=557449700](https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=557449700) - **Disclosure Timeline:** - Reported to Vendor: 2020-07-10 - Public Advisory Release: 2020-09-10 - Advisory Revision: 2021-01-27 - **Acknowledgment:** - Researcher: Francis Provencher (PRL)