3D Builder Remote Code Execution Vulnerability Affects Windows Users

CVECVE-2023-23377
CVSScvssV3_1: 7.8
SourceCVE-2023-23377

The 3D Builder app included in Windows has a remote code execution vulnerability that could allow an attacker to execute arbitrary code on affected systems.

3D Builder is a 3D modeling app by Microsoft that allows users to view, edit and print 3D objects. However, researchers found that it is possible to craft a specially crafted 3D file that could exploit a bug in 3D Builder and execute malicious code remotely without any user interaction.

An attacker could host a boobytrapped 3D file online or send it via email under the pretext of an innocent file. Once opened in 3D Builder, the vulnerability would be exploited and the attacker’s code would run with the same privileges as the 3D Builder process without the user’s knowledge.

This could allow the installation of malware, ransomware or spyware on the target system. Sensitive data could be stolen and systems could be incorporated into botnets for distributed denial of service attacks.

The best way to protect yourself is to keep your Windows operating system and apps like 3D Builder updated with the latest patches. Also be wary of opening unexpected 3D files, especially from untrusted sources online or via email attachments. Using an antivirus program can also help detect and block any malware attempted to be installed using this vulnerability.

References