CVE-2023-36739

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Sep 12, 2023

Updated: May 29, 2024

CWE ID 122

Summary

CVE-2023-36739 is a remote code execution vulnerability affecting certain 3D viewer applications. An attacker can exploit this flaw by sending a maliciously crafted file to a targeted user, leading to arbitrary code execution on the victim's system. Successful exploitation may result in unauthorized access, data theft, or system compromises. Users are advised to update their 3D viewer software to the latest version that addresses this vulnerability to mitigate the risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Microsoft 3D Viewer

Affected Vendors

Microsoft

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/ryjwGO
https://www.cve.org/CVERecord?id=CVE-2023-36739
https://nvd.nist.gov/vuln/detail/CVE-2023-36739

Back to Vulnerability Database