Lucene search

Kaspersky LabKLA68205

HistoryMay 24, 2024 - 12:00 a.m.

KLA68205 PE vulnerability in Foxit Reader

2024-05-2400:00:00

Kaspersky Lab

threats.kaspersky.com

foxit reader

privilege escalation

vulnerability

cve-2024-29072

update

CVSS3

8.2

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H

AI Score

7.1

Confidence

Low

EPSS

Percentile

9.0%

JSON

Privilege escalation vulnerability was found in Foxit Reader. Malicious users can exploit this vulnerability to gain privileges.

Original advisories

Foxit Security Bulletins

Related products

Foxit-Reader

CVE list

CVE-2024-29072 unknown

Solution

Update to the latest version

Download Foxit Reader

Impacts

Privilege escalation. Exploitation of vulnerabilities with this impact can lead to performing by abuser actions, which are normally disallowed for current role.

Affected Products

Foxit Reader earlier than 2024.2.2.25170

References

statistics.securelist.com/

threats.kaspersky.com/en/product/Foxit-Reader/

www.foxit.com/support/security-bulletins.html

CVSS3

8.2

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H

AI Score

7.1

Confidence

Low

EPSS

Percentile

9.0%

JSON

Related for KLA68205