Remote Code Execution Flaws Found In Foxit Reader And PhantomPDF

Users of Foxit PDF Reader and PhantomPDF need to update their devices ASAP, reportedly both software exhibited numerous security flaws that could lead to remote code execution upon an exploit.

Foxit PDF Reader And PhantomPDF Flaws

According to a recent advisory from Foxit, Foxit PDF Reader and PhantomPDF had serious security flaws.

As revealed by Trend Micro ZDI, four different high-severity flaws affected Foxit PDF Reader that could allow remote code execution. Two of these vulnerabilities (CVE-2020-10899 and CVE-2020-10907) existed in the XFA templates. Whereas, similar flaws existed in AcroForms (CVE-2020-10900) and the resetForm method (CVE-2020-10906) of the software.

All four bugs received a CVSS score of 7.8. Explaining further about the flaws, ZDI stated,

The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process.

Likewise, ZDI also shared details of various remote code execution vulnerabilities in PhantomPDF Reader. These vulnerabilities could also allow remote code execution when triggered.

Apart from the two apps, security bugs also affected Foxit’s U3DBrowser Plugin. It’s a plugin that helps in viewing embedded 3D annotations in PDF documents.

Patches Rolled Out

Foxit has confirmed that the vulnerabilities affected Foxit PDF Reader and PhantomPDF Reader versions 9.7.1.29511 and earlier, and 3D Plugin Beta versions 9.7.1.29511 and earlier.

Consequently, vendors have patched the flaws with the release of Foxit Reader 9.7.2, Foxit PhantomPDF 9.7.2, and 3D Plugin Beta 9.7.2.29539 respectively.

Since the fixes are out, users must ensure updating their devices with the patched versions to avoid potential exploit.

The previous updates from Foxit came out in October 2019, when they patched eight different bugs in Foxit PDF Reader. Those bugs also included remote code execution vulnerabilities.

Let us know your thoughts in the comments.

Related posts

Water Facilities Must Secure Exposed HMIs – Warns CISA

Microsoft December Patch Tuesday Arrived With 70+ Bug Fixes

NachoVPN Attack Risks Corporate VPN Clients