ГлавнаяУязвимости → CVE-2026-3780
7.3высокая

CVE-2026-3780

Описание

The application's installer runs with elevated privileges but resolves system executables and DLLs using untrusted search paths that can include user-writable directories, allowing a local attacker to place malicious binaries with the same names and have them loaded or executed instead of the legitimate system files, resulting in local privilege escalation.

Затрагиваемое ПО
Foxit Pdf editorFoxit Pdf readerMicrosoft Windows
CVSS
Балл7.3 — высокая
ВекторCVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Источники
https://www.foxit.com/support/security-bulletins.html