CVE-2024-32488

Name of the Vulnerable Software and Affected Versions Foxit PDF Reader and Editor versions prior to 2024.1

Description The issue allows Local Privilege Escalation during update checks due to weak permissions on the update-service folder. This weakness enables attackers to place crafted DLL files in the folder, potentially leading to exploitation.

Recommendations For versions prior to 2024.1, update to version 2024.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the update-service folder to prevent attackers from placing malicious DLL files.