3D Builder Remote Code Execution Vulnerability Affects Windows Users

CVECVE-2023-21788
CVSScvssV3_1: 7.8
SourceCVE-2023-21788

The 3D Builder app included in Windows has a remote code execution vulnerability that could allow an attacker to execute arbitrary code on affected systems.

3D Builder is a 3D modeling app by Microsoft that allows users to view, edit and print 3D objects. However, researchers found that it is possible to craft a specially crafted 3D file that could exploit a vulnerability in 3D Builder and execute malicious code remotely without any user interaction.

An attacker could host a boobytrapped 3D file online or send it via email under the pretext of an innocent file. Once opened in 3D Builder, the malicious code embedded in the file would run with the same privileges as 3D Builder without the user’s knowledge. This could allow the attacker to infect the system with malware, steal sensitive information or take complete control of the affected computer.

The vulnerability received a CVSS score of 7.8, making it a serious remote code execution flaw. To stay protected, Windows users should ensure they have installed the latest updates for 3D Builder from Windows Update. It is also recommended to be cautious of opening 3D files from untrusted sources until an official patch is released by Microsoft.

References