CVE-2025-66494 (GCVE-0-2025-66494)
Vulnerability from cvelistv5 – Published: 2025-12-19 07:08 – Updated: 2025-12-19 14:49
CWE-416 - Use After Free
| Vendor | Product | Version | |
|---|---|---|---|
| Foxit Software Inc. | Foxit PDF Reader |
Affected:
Versions 2025.2.1 and earlier
Affected: Versions 14.0.1 and earlier Affected: Versions 13.2.1 and earlier |
|
| Foxit Software Inc. | Foxit PDF Editor |
Affected:
Versions 2025.2.1 and earlier
Affected: Versions 14.0.1 and earlier Affected: Versions 13.2.1 and earlier |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-66494",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-19T14:49:11.512345Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-19T14:49:35.554Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Windows"
],
"product": "Foxit PDF Reader",
"vendor": "Foxit Software Inc.",
"versions": [
{
"status": "affected",
"version": "Versions 2025.2.1 and earlier"
},
{
"status": "affected",
"version": "Versions 14.0.1 and earlier"
},
{
"status": "affected",
"version": "Versions 13.2.1 and eariler"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows"
],
"product": "Foxit PDF Editor",
"vendor": "Foxit Software Inc.",
"versions": [
{
"status": "affected",
"version": "Versions 2025.2.1 and earlier"
},
{
"status": "affected",
"version": "Versions 14.0.1 and earlier"
},
{
"status": "affected",
"version": "Versions 13.2.1 and eariler"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Anonymous working with Trend Micro Zero Day Initiative"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A use-after-free vulnerability exists in the PDF file parsing of Foxit PDF Reader before 2025.2.1, 14.0.1, and 13.2.1 on Windows. A PDF object managed by multiple parent objects could be freed while still being referenced, potentially allowing a remote attacker to execute arbitrary code.\n\n\u003cbr\u003e"
}
],
"value": "A use-after-free vulnerability exists in the PDF file parsing of Foxit PDF Reader before 2025.2.1, 14.0.1, and 13.2.1 on Windows. A PDF object managed by multiple parent objects could be freed while still being referenced, potentially allowing a remote attacker to execute arbitrary code."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Potential arbitrary code execution"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416 Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-19T07:08:51.349Z",
"orgId": "14984358-7092-470d-8f34-ade47a7658a2",
"shortName": "Foxit"
},
"references": [
{
"url": "https://www.foxit.com/support/security-bulletins.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Foxit PDF Reader PDF File Parsing Use-After-Free Remote Code Execution Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "14984358-7092-470d-8f34-ade47a7658a2",
"assignerShortName": "Foxit",
"cveId": "CVE-2025-66494",
"datePublished": "2025-12-19T07:08:51.349Z",
"dateReserved": "2025-12-03T01:33:55.297Z",
"dateUpdated": "2025-12-19T14:49:35.554Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2025-66494",
"date": "2026-06-05",
"epss": "0.00051",
"percentile": "0.16322"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2025-66494\",\"sourceIdentifier\":\"14984358-7092-470d-8f34-ade47a7658a2\",\"published\":\"2025-12-19T07:16:02.177\",\"lastModified\":\"2025-12-23T17:36:30.107\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A use-after-free vulnerability exists in the PDF file parsing of Foxit PDF Reader before 2025.2.1, 14.0.1, and 13.2.1 on Windows. A PDF object managed by multiple parent objects could be freed while still being referenced, potentially allowing a remote attacker to execute arbitrary code.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"14984358-7092-470d-8f34-ade47a7658a2\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"14984358-7092-470d-8f34-ade47a7658a2\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-416\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"13.2.1.23955\",\"matchCriteriaId\":\"AAE67A0F-4DFE-4268-90D5-789CCA2155A6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.0.0.33046\",\"versionEndIncluding\":\"14.0.1.33197\",\"matchCriteriaId\":\"F1694C31-1717-40B3-9E11-773E39F288A8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2023.1.0.15510\",\"versionEndIncluding\":\"2023.3.0.23028\",\"matchCriteriaId\":\"0C75FEE6-54F3-49C6-B
AEA-A09D23BE5D64\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2024.1.0.23997\",\"versionEndIncluding\":\"2024.4.1.27687\",\"matchCriteriaId\":\"2C06BC41-9831-4AE3-B10B-3FC313D01580\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2025.1.0.27937\",\"versionEndIncluding\":\"2025.2.1.33197\",\"matchCriteriaId\":\"4AC7F7F1-B05D-48C7-9DD3-CFC7CBA2E275\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:foxit:pdf_reader:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2025.2.1.33197\",\"matchCriteriaId\":\"538915D1-1531-44A8-B15D-BCFE1356BCB5\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A2572D17-1DE6-457B-99CC-64AFD54487EA\"}]}]}],\"references\":[{\"url\":\"https://www.foxit.com/support/security-bulletins.html\",\"source\":\"14984358-7092-470d-8f34-ade47a7658a2\",\"tags\":[\"Vendor Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-66494\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-12-19T14:49:11.512345Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-12-19T14:49:25.107Z\"}}], \"cna\": {\"title\": \"Foxit PDF Reader PDF File Parsing Use-After-Free Remote Code Execution Vulnerability\", \"source\": {\"discovery\": \"UNKNOWN\"}, \"credits\": [{\"lang\": \"en\", \"type\": \"finder\", \"value\": \"Anonymous working with Trend Micro Zero Day Initiative\"}], \"impacts\": [{\"descriptions\": [{\"lang\": \"en\", \"value\": \"Potential arbitrary code execution\"}]}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.8, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"Foxit Software Inc.\", \"product\": \"Foxit PDF Reader\", \"versions\": [{\"status\": \"affected\", \"version\": \"Versions 2025.2.1 and earlier\"}, {\"status\": \"affected\", \"version\": \"Versions 14.0.1 and earlier\"}, {\"status\": \"affected\", \"version\": \"Versions 13.2.1 and eariler\"}], \"platforms\": [\"Windows\"], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"Foxit Software Inc.\", \"product\": \"Foxit PDF Editor\", \"versions\": [{\"status\": \"affected\", \"version\": \"Versions 2025.2.1 and earlier\"}, {\"status\": 
\"affected\", \"version\": \"Versions 14.0.1 and earlier\"}, {\"status\": \"affected\", \"version\": \"Versions 13.2.1 and eariler\"}], \"platforms\": [\"Windows\"], \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://www.foxit.com/support/security-bulletins.html\"}], \"x_generator\": {\"engine\": \"Vulnogram 0.5.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"A use-after-free vulnerability exists in the PDF file parsing of Foxit PDF Reader before 2025.2.1, 14.0.1, and 13.2.1 on Windows. A PDF object managed by multiple parent objects could be freed while still being referenced, potentially allowing a remote attacker to execute arbitrary code.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"A use-after-free vulnerability exists in the PDF file parsing of Foxit PDF Reader before 2025.2.1, 14.0.1, and 13.2.1 on Windows. A PDF object managed by multiple parent objects could be freed while still being referenced, potentially allowing a remote attacker to execute arbitrary code.\\n\\n\u003cbr\u003e\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-416\", \"description\": \"CWE-416 Use After Free\"}]}], \"providerMetadata\": {\"orgId\": \"14984358-7092-470d-8f34-ade47a7658a2\", \"shortName\": \"Foxit\", \"dateUpdated\": \"2025-12-19T07:08:51.349Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2025-66494\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-12-19T14:49:35.554Z\", \"dateReserved\": \"2025-12-03T01:33:55.297Z\", \"assignerOrgId\": \"14984358-7092-470d-8f34-ade47a7658a2\", \"datePublished\": \"2025-12-19T07:08:51.349Z\", \"assignerShortName\": \"Foxit\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
CERTFR-2025-AVI-1130
Vulnerability from certfr_avis - Published: 2025-12-19 - Updated: 2025-12-19
De multiples vulnérabilités ont été découvertes dans les produits Foxit. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire, une élévation de privilèges et un déni de service.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Foxit | PDF Editor | PDF Editor pour Windows versions 2023.x, 2024.x et 2025.x antérieures à 2025.3 | ||
| Foxit | PDF Editor | PDF Editor pour MAC versions 2023.x, 2024.x et 2025.x antérieures à 2025.3 | ||
| Foxit | PDF Editor | PDF Editor pour Windows versions 13.x antérieures à 13.2.2 | ||
| Foxit | PDF Editor | PDF Editor pour MAC versions 13.x antérieures à 13.2.2 | ||
| Foxit | PDF Editor | PDF Editor pour MAC versions 14.x antérieures à 14.0.2 | ||
| Foxit | PDF Reader | PDF Reader pour MAC versions antérieures à 2025.3 | ||
| Foxit | PDF Editor | PDF Editor pour Windows versions 14.x antérieures à 14.0.2 | ||
| Foxit | PDF Reader | PDF Reader pour Windows versions antérieures à 2025.3 |
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "PDF Editor pour Windows versions 2023.x, 2024.x et 2025.x ant\u00e9rieures \u00e0 2025.3",
"product": {
"name": "PDF Editor",
"vendor": {
"name": "Foxit",
"scada": false
}
}
},
{
"description": "PDF Editor pour MAC versions 2023.x, 2024.x et 2025.x ant\u00e9rieures \u00e0 2025.3",
"product": {
"name": "PDF Editor",
"vendor": {
"name": "Foxit",
"scada": false
}
}
},
{
"description": "PDF Editor pour Windows versions 13.x ant\u00e9rieures \u00e0 13.2.2",
"product": {
"name": "PDF Editor",
"vendor": {
"name": "Foxit",
"scada": false
}
}
},
{
"description": "PDF Editor pour MAC versions 13.x ant\u00e9rieures \u00e0 13.2.2",
"product": {
"name": "PDF Editor",
"vendor": {
"name": "Foxit",
"scada": false
}
}
},
{
"description": "PDF Editor pour MAC versions 14.x ant\u00e9rieures \u00e0 14.0.2",
"product": {
"name": "PDF Editor",
"vendor": {
"name": "Foxit",
"scada": false
}
}
},
{
"description": "PDF Reader pour MAC versions ant\u00e9rieures \u00e0 2025.3",
"product": {
"name": "PDF Reader",
"vendor": {
"name": "Foxit",
"scada": false
}
}
},
{
"description": "PDF Editor pour Windows versions 14.x ant\u00e9rieures \u00e0 14.0.2",
"product": {
"name": "PDF Editor",
"vendor": {
"name": "Foxit",
"scada": false
}
}
},
{
"description": "PDF Reader pour Windows versions ant\u00e9rieures \u00e0 2025.3",
"product": {
"name": "PDF Reader",
"vendor": {
"name": "Foxit",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-66499",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66499"
},
{
"name": "CVE-2025-59488",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59488"
},
{
"name": "CVE-2025-66493",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66493"
},
{
"name": "CVE-2025-57779",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-57779"
},
{
"name": "CVE-2025-58085",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58085"
},
{
"name": "CVE-2025-13941",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-13941"
},
{
"name": "CVE-2025-66497",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66497"
},
{
"name": "CVE-2025-66495",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66495"
},
{
"name": "CVE-2025-66498",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66498"
},
{
"name": "CVE-2025-66496",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66496"
},
{
"name": "CVE-2025-66494",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66494"
}
],
"initial_release_date": "2025-12-19T00:00:00",
"last_revision_date": "2025-12-19T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-1130",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-12-19T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Foxit. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Foxit",
"vendor_advisories": [
{
"published_at": "2025-12-19",
"title": "Bulletin de s\u00e9curit\u00e9 FoxIT security-bulletins.php",
"url": "https://www.foxitsoftware.com/support/security-bulletins.php"
}
]
}
FKIE_CVE-2025-66494
Vulnerability from fkie_nvd - Published: 2025-12-19 07:16 - Updated: 2025-12-23 17:36
| URL | Tags | ||
|---|---|---|---|
| 14984358-7092-470d-8f34-ade47a7658a2 | https://www.foxit.com/support/security-bulletins.html | Vendor Advisory |
| Vendor | Product | Version | |
|---|---|---|---|
| foxit | pdf_editor | * | |
| foxit | pdf_editor | * | |
| foxit | pdf_editor | * | |
| foxit | pdf_editor | * | |
| foxit | pdf_editor | * | |
| foxit | pdf_reader | * | |
| microsoft | windows | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AAE67A0F-4DFE-4268-90D5-789CCA2155A6",
"versionEndIncluding": "13.2.1.23955",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F1694C31-1717-40B3-9E11-773E39F288A8",
"versionEndIncluding": "14.0.1.33197",
"versionStartIncluding": "14.0.0.33046",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0C75FEE6-54F3-49C6-BAEA-A09D23BE5D64",
"versionEndIncluding": "2023.3.0.23028",
"versionStartIncluding": "2023.1.0.15510",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2C06BC41-9831-4AE3-B10B-3FC313D01580",
"versionEndIncluding": "2024.4.1.27687",
"versionStartIncluding": "2024.1.0.23997",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4AC7F7F1-B05D-48C7-9DD3-CFC7CBA2E275",
"versionEndIncluding": "2025.2.1.33197",
"versionStartIncluding": "2025.1.0.27937",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foxit:pdf_reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "538915D1-1531-44A8-B15D-BCFE1356BCB5",
"versionEndIncluding": "2025.2.1.33197",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A use-after-free vulnerability exists in the PDF file parsing of Foxit PDF Reader before 2025.2.1, 14.0.1, and 13.2.1 on Windows. A PDF object managed by multiple parent objects could be freed while still being referenced, potentially allowing a remote attacker to execute arbitrary code."
}
],
"id": "CVE-2025-66494",
"lastModified": "2025-12-23T17:36:30.107",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "14984358-7092-470d-8f34-ade47a7658a2",
"type": "Secondary"
}
]
},
"published": "2025-12-19T07:16:02.177",
"references": [
{
"source": "14984358-7092-470d-8f34-ade47a7658a2",
"tags": [
"Vendor Advisory"
],
"url": "https://www.foxit.com/support/security-bulletins.html"
}
],
"sourceIdentifier": "14984358-7092-470d-8f34-ade47a7658a2",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "14984358-7092-470d-8f34-ade47a7658a2",
"type": "Secondary"
}
]
}
GHSA-4Q8Q-3R7H-5J3F
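Vulnerability from github – Published: 2025-12-19 09:30 – Updated: 2025-12-19 09:30
A use-after-free vulnerability exists in the PDF file parsing of Foxit PDF Reader before 2025.2.1, 14.0.1, and 13.2.1 on Windows. A PDF object managed by multiple parent objects could be freed while still being referenced, potentially allowing a remote attacker to execute arbitrary code.
Note: the CNA affected-version list and the NVD CPE ranges shown for this CVE on this page mark 2025.2.1, 14.0.1 and 13.2.1 themselves as affected ("and earlier", `versionEndIncluding`), so "before" in this description should be read as including those releases; confirm the fixed version against the vendor bulletin. The CVSS vector (AV:L, UI:R) indicates that exploitation requires user interaction on the local system, even though the description speaks of a remote attacker.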
{
"affected": [],
"aliases": [
"CVE-2025-66494"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-12-19T07:16:02Z",
"severity": "HIGH"
},
"details": "A use-after-free vulnerability exists in the PDF file parsing of Foxit PDF Reader before 2025.2.1, 14.0.1, and 13.2.1 on Windows. A PDF object managed by multiple parent objects could be freed while still being referenced, potentially allowing a remote attacker to execute arbitrary code.",
"id": "GHSA-4q8q-3r7h-5j3f",
"modified": "2025-12-19T09:30:28Z",
"published": "2025-12-19T09:30:28Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66494"
},
{
"type": "WEB",
"url": "https://www.foxit.com/support/security-bulletins.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
NCSC-2025-0401
Vulnerability from csaf_ncscnl - Published: 2025-12-24 09:14 - Updated: 2025-12-24 09:14
A local privilege escalation vulnerability in the Foxit PDF Reader/Editor Update Service allows low-privileged attackers to modify resources, potentially enabling arbitrary code execution with SYSTEM privileges.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Foxit / PDF Editor
|
vers:unknown/* | ||
|
vers:unknown/*
Foxit / PDF Reader
|
vers:unknown/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Foxit / PDF Editor
|
vers:unknown/* | ||
|
vers:unknown/*
Foxit / PDF Reader
|
vers:unknown/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Foxit / PDF Editor
|
vers:unknown/* | ||
|
vers:unknown/*
Foxit / PDF Reader
|
vers:unknown/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Foxit / PDF Editor
|
vers:unknown/* | ||
|
vers:unknown/*
Foxit / PDF Reader
|
vers:unknown/* |
A use-after-free vulnerability in Foxit PDF Reader and Foxit PDF Editor prior to versions 2025.2.1, 14.0.1, and 13.2.1 on Windows can be exploited via crafted JavaScript in a PDF, enabling arbitrary code execution.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Foxit / PDF Editor
|
vers:unknown/* | ||
|
vers:unknown/*
Foxit / PDF Reader
|
vers:unknown/* |
A use-after-free vulnerability in Foxit PDF Reader versions prior to 2025.2.1, 14.0.1, and 13.2.1 on Windows could enable remote attackers to execute arbitrary code.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Foxit / PDF Editor
|
vers:unknown/* | ||
|
vers:unknown/*
Foxit / PDF Reader
|
vers:unknown/* |
A use-after-free vulnerability in Foxit PDF Reader versions prior to 2025.2.1, 14.0.1, and 13.2.1 on Windows and MacOS can be exploited via crafted JavaScript in PDFs, enabling arbitrary code execution.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Foxit / PDF Editor
|
vers:unknown/* | ||
|
vers:unknown/*
Foxit / PDF Reader
|
vers:unknown/* |
A memory corruption vulnerability in Foxit PDF Reader is caused by insufficient bounds checking in 3D annotation handling, which can lead to memory corruption when processing specially crafted PDF files.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Foxit / PDF Editor
|
vers:unknown/* | ||
|
vers:unknown/*
Foxit / PDF Reader
|
vers:unknown/* |
A memory corruption vulnerability in Foxit PDF Reader is caused by insufficient bounds checking in 3D annotation handling, which can lead to memory corruption when processing specially crafted PDF files.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Foxit / PDF Editor
|
vers:unknown/* | ||
|
vers:unknown/*
Foxit / PDF Reader
|
vers:unknown/* |
A memory corruption vulnerability in Foxit PDF Reader is caused by insufficient bounds checking in 3D annotation handling, which can lead to memory corruption when processing specially crafted PDF files.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Foxit / PDF Editor
|
vers:unknown/* | ||
|
vers:unknown/*
Foxit / PDF Reader
|
vers:unknown/* |
A heap-based buffer overflow vulnerability in Foxit PDF Reader can be exploited via specially crafted JBIG2 data, potentially leading to remote code execution due to an integer overflow in image buffer size calculation.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Foxit / PDF Editor
|
vers:unknown/* | ||
|
vers:unknown/*
Foxit / PDF Reader
|
vers:unknown/* |
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE"
}
},
"lang": "nl",
"notes": [
{
"category": "legal_disclaimer",
"text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
},
{
"category": "description",
"text": "Foxit heeft kwetsbaarheden verholpen in Foxit PDF Reader (Specifiek voor versies v\u00f3\u00f3r 2025.2.1, 14.0.1 en 13.2.1 op Windows en MacOS).",
"title": "Feiten"
},
{
"category": "description",
"text": "De kwetsbaarheden omvatten een lokale privilege-escalatie, een use-after-free kwetsbaarheid en een geheugenbeschadiging gerelateerd aan onvoldoende grenzencontrole bij de verwerking van 3D-annotaties. Aanvallers kunnen deze kwetsbaarheden misbruiken om willekeurige code uit te voeren op de getroffen systemen, wat kan leiden tot ongeautoriseerde toegang en systeeminstabiliteit. De use-after-free kwetsbaarheid kan zelfs worden geactiveerd zonder gebruikersinteractie, wat het risico vergroot, vooral in omgevingen waar PDF-bestanden vaak worden geopend.",
"title": "Interpretaties"
},
{
"category": "description",
"text": "Foxit heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.",
"title": "Oplossingen"
},
{
"category": "general",
"text": "medium",
"title": "Kans"
},
{
"category": "general",
"text": "high",
"title": "Schade"
},
{
"category": "general",
"text": "Out-of-bounds Read",
"title": "CWE-125"
},
{
"category": "general",
"text": "Integer Overflow or Wraparound",
"title": "CWE-190"
},
{
"category": "general",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "general",
"text": "Incorrect Permission Assignment for Critical Resource",
"title": "CWE-732"
},
{
"category": "general",
"text": "Out-of-bounds Write",
"title": "CWE-787"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "cert@ncsc.nl",
"name": "Nationaal Cyber Security Centrum",
"namespace": "https://www.ncsc.nl/"
},
"references": [
{
"category": "external",
"summary": "Reference",
"url": "https://www.foxit.com/support/security-bulletins.html"
}
],
"title": "Kwetsbaarheden verholpen in Foxit PDF Reader",
"tracking": {
"current_release_date": "2025-12-24T09:14:56.590353Z",
"generator": {
"date": "2025-08-04T16:30:00Z",
"engine": {
"name": "V.A.",
"version": "1.3"
}
},
"id": "NCSC-2025-0401",
"initial_release_date": "2025-12-24T09:14:56.590353Z",
"revision_history": [
{
"date": "2025-12-24T09:14:56.590353Z",
"number": "1.0.0",
"summary": "Initiele versie"
}
],
"status": "final",
"version": "1.0.0"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-1"
}
}
],
"category": "product_name",
"name": "PDF Editor"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-2"
}
}
],
"category": "product_name",
"name": "PDF Reader"
}
],
"category": "vendor",
"name": "Foxit"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-13941",
"cwe": {
"id": "CWE-732",
"name": "Incorrect Permission Assignment for Critical Resource"
},
"notes": [
{
"category": "other",
"text": "Incorrect Permission Assignment for Critical Resource",
"title": "CWE-732"
},
{
"category": "description",
"text": "A local privilege escalation vulnerability in the Foxit PDF Reader/Editor Update Service allows low-privileged attackers to modify resources, potentially enabling arbitrary code execution with SYSTEM privileges.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-13941 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-13941.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2"
]
}
],
"title": "CVE-2025-13941"
},
{
"cve": "CVE-2025-57779",
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-57779 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-57779.json"
}
],
"title": "CVE-2025-57779"
},
{
"cve": "CVE-2025-58085",
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-58085 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-58085.json"
}
],
"title": "CVE-2025-58085"
},
{
"cve": "CVE-2025-59488",
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-59488 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-59488.json"
}
],
"title": "CVE-2025-59488"
},
{
"cve": "CVE-2025-66493",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "description",
"text": "A use-after-free vulnerability in Foxit PDF Reader and Foxit PDF Editor prior to versions 2025.2.1, 14.0.1, and 13.2.1 on Windows can be exploited via crafted JavaScript in a PDF, enabling arbitrary code execution.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-66493 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-66493.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2"
]
}
],
"title": "CVE-2025-66493"
},
{
"cve": "CVE-2025-66494",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "description",
"text": "A use-after-free vulnerability in Foxit PDF Reader versions prior to 2025.2.1, 14.0.1, and 13.2.1 on Windows could enable remote attackers to execute arbitrary code.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-66494 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-66494.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2"
]
}
],
"title": "CVE-2025-66494"
},
{
"cve": "CVE-2025-66495",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "description",
"text": "A use-after-free vulnerability in Foxit PDF Reader versions prior to 2025.2.1, 14.0.1, and 13.2.1 on Windows and MacOS can be exploited via crafted JavaScript in PDFs, enabling arbitrary code execution.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-66495 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-66495.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2"
]
}
],
"title": "CVE-2025-66495"
},
{
"cve": "CVE-2025-66496",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Read",
"title": "CWE-125"
},
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
},
{
"category": "description",
"text": "A memory corruption vulnerability in Foxit PDF Reader is caused by insufficient bounds checking in 3D annotation handling, which can lead to memory corruption when processing specially crafted PDF files.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-66496 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-66496.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2"
]
}
],
"title": "CVE-2025-66496"
},
{
"cve": "CVE-2025-66497",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Read",
"title": "CWE-125"
},
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
},
{
"category": "description",
"text": "A memory corruption vulnerability in Foxit PDF Reader is caused by insufficient bounds checking in 3D annotation handling, which can lead to memory corruption when processing specially crafted PDF files.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-66497 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-66497.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2"
]
}
],
"title": "CVE-2025-66497"
},
{
"cve": "CVE-2025-66498",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Read",
"title": "CWE-125"
},
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
},
{
"category": "description",
"text": "A memory corruption vulnerability in Foxit PDF Reader is caused by insufficient bounds checking in 3D annotation handling, which can lead to memory corruption when processing specially crafted PDF files.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-66498 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-66498.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2"
]
}
],
"title": "CVE-2025-66498"
},
{
"cve": "CVE-2025-66499",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"notes": [
{
"category": "other",
"text": "Integer Overflow or Wraparound",
"title": "CWE-190"
},
{
"category": "description",
"text": "A heap-based buffer overflow vulnerability in Foxit PDF Reader can be exploited via specially crafted JBIG2 data, potentially leading to remote code execution due to an integer overflow in image buffer size calculation.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-66499 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-66499.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2"
]
}
],
"title": "CVE-2025-66499"
}
]
}
WID-SEC-W-2025-2894
Vulnerability from csaf_certbund - Published: 2025-12-18 23:00 - Updated: 2025-12-18 23:00
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Foxit PDF Editor <14.0.2
Foxit / PDF Editor
|
<14.0.2 | ||
|
Foxit PDF Editor <2025.3
Foxit / PDF Editor
|
<2025.3 | ||
|
Foxit PDF Reader <2025.3
Foxit / PDF Reader
|
<2025.3 | ||
|
Foxit PDF Editor <13.2.2
Foxit / PDF Editor
|
<13.2.2 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Foxit PDF Editor <14.0.2
Foxit / PDF Editor
|
<14.0.2 | ||
|
Foxit PDF Editor <2025.3
Foxit / PDF Editor
|
<2025.3 | ||
|
Foxit PDF Reader <2025.3
Foxit / PDF Reader
|
<2025.3 | ||
|
Foxit PDF Editor <13.2.2
Foxit / PDF Editor
|
<13.2.2 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Foxit PDF Editor <14.0.2
Foxit / PDF Editor
|
<14.0.2 | ||
|
Foxit PDF Editor <2025.3
Foxit / PDF Editor
|
<2025.3 | ||
|
Foxit PDF Reader <2025.3
Foxit / PDF Reader
|
<2025.3 | ||
|
Foxit PDF Editor <13.2.2
Foxit / PDF Editor
|
<13.2.2 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Foxit PDF Editor <14.0.2
Foxit / PDF Editor
|
<14.0.2 | ||
|
Foxit PDF Editor <2025.3
Foxit / PDF Editor
|
<2025.3 | ||
|
Foxit PDF Reader <2025.3
Foxit / PDF Reader
|
<2025.3 | ||
|
Foxit PDF Editor <13.2.2
Foxit / PDF Editor
|
<13.2.2 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Foxit PDF Editor <14.0.2
Foxit / PDF Editor
|
<14.0.2 | ||
|
Foxit PDF Editor <2025.3
Foxit / PDF Editor
|
<2025.3 | ||
|
Foxit PDF Reader <2025.3
Foxit / PDF Reader
|
<2025.3 | ||
|
Foxit PDF Editor <13.2.2
Foxit / PDF Editor
|
<13.2.2 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Foxit PDF Editor <14.0.2
Foxit / PDF Editor
|
<14.0.2 | ||
|
Foxit PDF Editor <2025.3
Foxit / PDF Editor
|
<2025.3 | ||
|
Foxit PDF Reader <2025.3
Foxit / PDF Reader
|
<2025.3 | ||
|
Foxit PDF Editor <13.2.2
Foxit / PDF Editor
|
<13.2.2 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Foxit PDF Editor <14.0.2
Foxit / PDF Editor
|
<14.0.2 | ||
|
Foxit PDF Editor <2025.3
Foxit / PDF Editor
|
<2025.3 | ||
|
Foxit PDF Reader <2025.3
Foxit / PDF Reader
|
<2025.3 | ||
|
Foxit PDF Editor <13.2.2
Foxit / PDF Editor
|
<13.2.2 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Foxit PDF Editor <14.0.2
Foxit / PDF Editor
|
<14.0.2 | ||
|
Foxit PDF Editor <2025.3
Foxit / PDF Editor
|
<2025.3 | ||
|
Foxit PDF Reader <2025.3
Foxit / PDF Reader
|
<2025.3 | ||
|
Foxit PDF Editor <13.2.2
Foxit / PDF Editor
|
<13.2.2 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Foxit PDF Editor <14.0.2
Foxit / PDF Editor
|
<14.0.2 | ||
|
Foxit PDF Editor <2025.3
Foxit / PDF Editor
|
<2025.3 | ||
|
Foxit PDF Reader <2025.3
Foxit / PDF Reader
|
<2025.3 | ||
|
Foxit PDF Editor <13.2.2
Foxit / PDF Editor
|
<13.2.2 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Foxit PDF Editor <14.0.2
Foxit / PDF Editor
|
<14.0.2 | ||
|
Foxit PDF Editor <2025.3
Foxit / PDF Editor
|
<2025.3 | ||
|
Foxit PDF Reader <2025.3
Foxit / PDF Reader
|
<2025.3 | ||
|
Foxit PDF Editor <13.2.2
Foxit / PDF Editor
|
<13.2.2 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Foxit PDF Editor <14.0.2
Foxit / PDF Editor
|
<14.0.2 | ||
|
Foxit PDF Editor <2025.3
Foxit / PDF Editor
|
<2025.3 | ||
|
Foxit PDF Reader <2025.3
Foxit / PDF Reader
|
<2025.3 | ||
|
Foxit PDF Editor <13.2.2
Foxit / PDF Editor
|
<13.2.2 |
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Foxit PDF Reader ist ein Programm zur Anzeige von PDF Dateien.\r\nFoxit PDF Editor ist ein Tool zur Bearbeitung von PDF-Dateien.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein Angreifer kann mehrere Schwachstellen in Foxit PDF Reader und Foxit PDF Editor ausnutzen, um seine Privilegien zu erh\u00f6hen, Code auszuf\u00fchren und um Speicherinhalte zu besch\u00e4digen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- MacOS X\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2025-2894 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-2894.json"
},
{
"category": "self",
"summary": "WID-SEC-2025-2894 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2894"
},
{
"category": "external",
"summary": "Foxit Security bulletins vom 2025-12-18",
"url": "https://www.foxit.com/support/security-bulletins.html"
}
],
"source_lang": "en-US",
"title": "Foxit PDF Reader und Editor: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2025-12-18T23:00:00.000+00:00",
"generator": {
"date": "2025-12-19T11:44:58.117+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.5.0"
}
},
"id": "WID-SEC-W-2025-2894",
"initial_release_date": "2025-12-18T23:00:00.000+00:00",
"revision_history": [
{
"date": "2025-12-18T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c2025.3",
"product": {
"name": "Foxit PDF Editor \u003c2025.3",
"product_id": "T049586"
}
},
{
"category": "product_version",
"name": "2025.3",
"product": {
"name": "Foxit PDF Editor 2025.3",
"product_id": "T049586-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:foxitsoftware:pdf_editor:2025.3"
}
}
},
{
"category": "product_version_range",
"name": "\u003c14.0.2",
"product": {
"name": "Foxit PDF Editor \u003c14.0.2",
"product_id": "T049587"
}
},
{
"category": "product_version",
"name": "14.0.2",
"product": {
"name": "Foxit PDF Editor 14.0.2",
"product_id": "T049587-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:foxitsoftware:pdf_editor:14.0.2"
}
}
},
{
"category": "product_version_range",
"name": "\u003c13.2.2",
"product": {
"name": "Foxit PDF Editor \u003c13.2.2",
"product_id": "T049588"
}
},
{
"category": "product_version",
"name": "13.2.2",
"product": {
"name": "Foxit PDF Editor 13.2.2",
"product_id": "T049588-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:foxitsoftware:pdf_editor:13.2.2"
}
}
}
],
"category": "product_name",
"name": "PDF Editor"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c2025.3",
"product": {
"name": "Foxit PDF Reader \u003c2025.3",
"product_id": "T049585"
}
},
{
"category": "product_version",
"name": "2025.3",
"product": {
"name": "Foxit PDF Reader 2025.3",
"product_id": "T049585-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:foxitsoftware:foxit_reader:2025.3"
}
}
}
],
"category": "product_name",
"name": "PDF Reader"
}
],
"category": "vendor",
"name": "Foxit"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-13941",
"product_status": {
"known_affected": [
"T049587",
"T049586",
"T049585",
"T049588"
]
},
"release_date": "2025-12-18T23:00:00.000+00:00",
"title": "CVE-2025-13941"
},
{
"cve": "CVE-2025-57779",
"product_status": {
"known_affected": [
"T049587",
"T049586",
"T049585",
"T049588"
]
},
"release_date": "2025-12-18T23:00:00.000+00:00",
"title": "CVE-2025-57779"
},
{
"cve": "CVE-2025-58085",
"product_status": {
"known_affected": [
"T049587",
"T049586",
"T049585",
"T049588"
]
},
"release_date": "2025-12-18T23:00:00.000+00:00",
"title": "CVE-2025-58085"
},
{
"cve": "CVE-2025-59488",
"product_status": {
"known_affected": [
"T049587",
"T049586",
"T049585",
"T049588"
]
},
"release_date": "2025-12-18T23:00:00.000+00:00",
"title": "CVE-2025-59488"
},
{
"cve": "CVE-2025-66493",
"product_status": {
"known_affected": [
"T049587",
"T049586",
"T049585",
"T049588"
]
},
"release_date": "2025-12-18T23:00:00.000+00:00",
"title": "CVE-2025-66493"
},
{
"cve": "CVE-2025-66494",
"product_status": {
"known_affected": [
"T049587",
"T049586",
"T049585",
"T049588"
]
},
"release_date": "2025-12-18T23:00:00.000+00:00",
"title": "CVE-2025-66494"
},
{
"cve": "CVE-2025-66495",
"product_status": {
"known_affected": [
"T049587",
"T049586",
"T049585",
"T049588"
]
},
"release_date": "2025-12-18T23:00:00.000+00:00",
"title": "CVE-2025-66495"
},
{
"cve": "CVE-2025-66496",
"product_status": {
"known_affected": [
"T049587",
"T049586",
"T049585",
"T049588"
]
},
"release_date": "2025-12-18T23:00:00.000+00:00",
"title": "CVE-2025-66496"
},
{
"cve": "CVE-2025-66497",
"product_status": {
"known_affected": [
"T049587",
"T049586",
"T049585",
"T049588"
]
},
"release_date": "2025-12-18T23:00:00.000+00:00",
"title": "CVE-2025-66497"
},
{
"cve": "CVE-2025-66498",
"product_status": {
"known_affected": [
"T049587",
"T049586",
"T049585",
"T049588"
]
},
"release_date": "2025-12-18T23:00:00.000+00:00",
"title": "CVE-2025-66498"
},
{
"cve": "CVE-2025-66499",
"product_status": {
"known_affected": [
"T049587",
"T049586",
"T049585",
"T049588"
]
},
"release_date": "2025-12-18T23:00:00.000+00:00",
"title": "CVE-2025-66499"
}
]
}
Sightings
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.