A privilege escalation vulnerability exists in the Foxit Reader 2024.2.0.25138. The vulnerability occurs due to improper certification validation of the updater executable before executing it. A low privilege user can trigger the update action which can result in unexpected elevation of privilege.
The product does not validate, or incorrectly validates, a certificate.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Pdf_editor | Foxit | * | 11.2.9.53938 (including) |
Pdf_editor | Foxit | 12.0.0 (including) | 12.1.6.15509 (including) |
Pdf_editor | Foxit | 13.0.0 (including) | 13.1.1.22432 (including) |
Pdf_editor | Foxit | 2023.1.0.15510 (including) | 2023.3.0.23028 (including) |
Pdf_editor | Foxit | 2024.1.0.23997 (including) | 2024.2.1.25153 (including) |
Pdf_reader | Foxit | * | 2024.2.1.25153 (including) |