ГлавнаяУязвимости → CVE-2025-13941
8.8высокая

CVE-2025-13941

Описание

A local privilege escalation vulnerability exists in the Foxit PDF Reader/Editor Update Service. During plugin installation, incorrect file system permissions are assigned to resources used by the update service. A local attacker with low privileges could modify or replace these resources, which are later executed by the service, resulting in execution of arbitrary code with SYSTEM privileges.

Затрагиваемое ПО
Foxit Pdf editorFoxit Pdf readerMicrosoft Windows
CVSS
Балл8.8 — высокая
ВекторCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Источники
https://www.foxit.com/support/security-bulletins.html