Remote Code Execution Flaws Found In Foxit Reader And PhantomPDF


Users of Foxit PDF Reader and PhantomPDF should update as soon as possible: both products contained several security flaws that could lead to remote code execution if exploited.

Foxit PDF Reader And PhantomPDF Flaws

According to a recent advisory from Foxit, Foxit PDF Reader and PhantomPDF had serious security flaws.

As disclosed by Trend Micro's Zero Day Initiative (ZDI), four high-severity flaws in Foxit PDF Reader could allow remote code execution. Two of them (CVE-2020-10899 and CVE-2020-10907) lie in the handling of XFA templates, while similar flaws exist in the handling of AcroForms (CVE-2020-10900) and in the resetForm method (CVE-2020-10906). In each case an attacker needs the victim to open a crafted PDF file; the code then runs with the privileges of the Foxit process.

All four bugs carry a CVSS score of 7.8. ZDI describes the root cause as follows:

The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process.

ZDI also published details of several vulnerabilities in Foxit PhantomPDF with the same root cause, which likewise allow remote code execution when triggered.

Beyond the two applications, security bugs also affected Foxit's U3DBrowser Plugin, which renders embedded 3D annotations in PDF documents.

Patches Rolled Out

Foxit has confirmed that the vulnerabilities affect Foxit PDF Reader and Foxit PhantomPDF versions 9.7.1.29511 and earlier, and 3D Plugin Beta versions 9.7.1.29511 and earlier.

Foxit has patched the flaws in Foxit Reader 9.7.2, Foxit PhantomPDF 9.7.2, and 3D Plugin Beta 9.7.2.29539 respectively.

With the fixes available, users should update to the patched versions to close off the exploit path.
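A practical follow-up to the version ranges above is checking a software inventory against them. The script below is an added example written for this article, not code from Foxit or ZDI. It encodes the fixed releases named in the bulletin (9.7.2 for Reader and PhantomPDF, 9.7.2.29539 for the 3D Plugin Beta), treats any lower version as needing an update, and handles the edge cases a real inventory throws up: short version strings such as "9.7.2" that must compare correctly against four-part build numbers, unparseable version fields, and products that are not in scope. The inventory records are constructed sample data.

```python
"""Triage an inventory of Foxit installs against the fixed releases in
Foxit's bulletin. Added example, not Foxit's or ZDI's code."""
import re
from typing import Dict, List, Tuple

# Fixed releases from the Foxit bulletin: anything below these needs an update.
FIXED_VERSION: Dict[str, str] = {
    "Foxit Reader": "9.7.2",
    "Foxit PhantomPDF": "9.7.2",
    "Foxit 3D Plugin Beta": "9.7.2.29539",
}

# Status labels returned by classify().
PATCHED = "patched"
UPDATE_REQUIRED = "update required"
UNKNOWN_VERSION = "unknown version"
NOT_TRACKED = "not tracked"


def parse_version(text: str) -> Tuple[int, ...]:
    """Turn '9.7.1.29511' into (9, 7, 1, 29511).

    Versions with fewer than four fields are zero-padded so that '9.7.2'
    becomes (9, 7, 2, 0); that keeps tuple comparison meaningful when one
    side carries a build number and the other does not. Raises ValueError
    for anything that is not one to four dot-separated integers.
    """
    m = re.fullmatch(r"\d+(?:\.\d+){0,3}", text.strip())
    if not m:
        raise ValueError(f"unparseable version: {text!r}")
    parts = tuple(int(p) for p in m.group(0).split("."))
    return parts + (0,) * (4 - len(parts))


def classify(product: str, version: str) -> str:
    """Return one of the status labels for a single installed product."""
    fixed = FIXED_VERSION.get(product)
    if fixed is None:
        return NOT_TRACKED
    try:
        installed = parse_version(version)
    except ValueError:
        # Inventory tools sometimes report blank or free-text versions;
        # flag those for manual review rather than silently passing them.
        return UNKNOWN_VERSION
    return PATCHED if installed >= parse_version(fixed) else UPDATE_REQUIRED


def triage(inventory: List[Dict[str, str]]) -> List[Dict[str, str]]:
    """Annotate each inventory record (host, product, version) with a status
    and return only the records that are not confirmed patched."""
    findings = []
    for rec in inventory:
        status = classify(rec["product"], rec["version"])
        if status in (UPDATE_REQUIRED, UNKNOWN_VERSION):
            findings.append({**rec, "status": status})
    return findings


# Constructed sample inventory; hostnames and versions are made up.
SAMPLE_INVENTORY = [
    {"host": "ws-01", "product": "Foxit Reader", "version": "9.7.1.29511"},
    {"host": "ws-02", "product": "Foxit Reader", "version": "9.7.2"},
    {"host": "ws-03", "product": "Foxit PhantomPDF", "version": "9.7.2.29539"},
    {"host": "ws-04", "product": "Foxit 3D Plugin Beta", "version": "9.7.1.29511"},
    {"host": "ws-05", "product": "Foxit Reader", "version": "unknown"},
    {"host": "ws-06", "product": "Some Other PDF Viewer", "version": "20.1"},
]

if __name__ == "__main__":
    for f in triage(SAMPLE_INVENTORY):
        print(f"{f['host']}: {f['product']} {f['version']} -> {f['status']}")
```

On Windows the product and version strings for each install are the DisplayName and DisplayVersion values under the Uninstall keys in the registry, which is where an inventory like the one above would normally come from. Treating every version below the fixed release as needing an update is deliberately conservative: the bulletin names 9.7.1.29511 as the last affected build, and nothing between it and 9.7.2 should be trusted.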

Foxit's previous security update came out in October 2019, when it patched eight bugs in Foxit PDF Reader, among them further remote code execution vulnerabilities.


Abeerah Hashim

Abeerah has been a passionate blogger for several years with a particular interest towards science and technology. She is crazy to know everything about the latest tech developments. Knowing and writing about cybersecurity, hacking, and spying has always enchanted her. When she is not writing, what else can be a better pastime than web surfing and staying updated about the tech world! Reach out to me at: [email protected]
