CVE-2025-59803

Name of the Vulnerable Software and Affected Versions Foxit PDF Editor and Reader versions prior to 2025.2.1 Foxit PDF Reader versions prior to 2025.2.1 Foxit PDF Editor versions prior to 2025.2.1

Description The software is susceptible to signature spoofing through the use of triggers. An attacker can embed triggers, such as JavaScript, within a PDF document. These triggers execute during the signing process. While the document initially appears normal to the signer, the triggers can modify content on other pages or optional content layers after the signature is applied, without providing a warning. This modification can result in a signed PDF differing from the version the signer reviewed, compromising the integrity of the digital signature.

Recommendations Update Foxit PDF Editor and Reader to version 2025.2.1 or later. Update Foxit PDF Editor to version 14.0.1 or later. Update Foxit PDF Reader to version 13.2.1 or later.