PT-2023-24236 · Foxit · Foxit Pdf Reader+1
Published
2023-05-19
·
Updated
2026-03-01
·
CVE-2023-33240
CVSS v3.1
7.8
High
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Foxit PDF Reader versions 12.1.1.15289 and earlier
Foxit PDF Editor versions 12.1.1.15289 and all previous 12.x versions, 11.2.5.53785 and all previous 11.x versions, and 10.1.11.37866 and earlier
Description
The issue allows Local Privilege Escalation when installed to a non-default directory because unprivileged users have access to an executable file of a system service.
Recommendations
For Foxit PDF Reader versions 12.1.1.15289 and earlier, update to version 12.1.2 or later.
For Foxit PDF Editor versions 12.1.1.15289 and all previous 12.x versions, update to version 12.1.2 or later.
For Foxit PDF Editor versions 11.2.5.53785 and all previous 11.x versions, update to version 12.1.2 or later.
For Foxit PDF Editor versions 10.1.11.37866 and earlier, update to version 12.1.2 or later.
Fix
LPE
RCE
Incorrect Default Permissions
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Foxit Pdf Editor
Foxit Pdf Reader