CVE-2022-32243: 
SAP 3D Visual Enterprise Viewer vulnerability analysis and mitigation

When a user opens manipulated Scalable Vector Graphics (.svg, svg.x3d) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application. This vulnerability, identified as CVE-2022-32243, was discovered in June 2022 and affects SAP 3D Visual Enterprise Viewer versions up to 9.0 (NVD).

The vulnerability is classified as an Improper Input Validation (CWE-20) issue. It has received a CVSS v3.1 Base Score of 5.5 (Medium) with the vector string CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H, indicating local access is required and user interaction is needed. The CVSS v2.0 Base Score is 4.3 (Medium) with vector (AV:N/AC:M/Au:N/C:N/I:N/A:P) (NVD).

The primary impact of this vulnerability is on the availability of the SAP 3D Visual Enterprise Viewer application. When exploited, it causes the application to crash, making it temporarily unavailable until the user restarts the program (NVD).

Users should update to a patched version of SAP 3D Visual Enterprise Viewer. Additionally, users should exercise caution when opening SVG files from untrusted sources (NVD).